PrepAway - Latest Free Exam Questions & Answers

When combined with unique session values, message authentication can protect against which of
the following?

A. Reverse engineering, frequency analysis, factoring attacks, and ciphertext-only attack.

B. Masquerading, frequency analysis, sequence manipulation, and ciphertext-only attack.

C. Reverse engineering, content modification, factoring attacks, and submission notification.

D. Masquerading, content modification, sequence manipulation, and submission notification.

Explanation:
Unique session values: “IPSec: ….Each device will have one security association (SA) for each session that it uses. The SA is critical to the IPSec architecture and is a record of the configuration the device needs to support an IPSec connection.” Pg 575 Shon Harris All-In-One CISSP Certification Exam Guide.

Message authentication and content modification: “Hashed Message Authentication Code (HMAC): An HMAC is a hashed algorithm that uses a key to generate a Message Authentication Code (MAC). A MAC is a type of checksum that is a function of the information in the message. The MAC is generated before the message is sent, appended to the message, and then both are transmitted. At the receiving end, a MAC is generated from the message alone using the same algorithm as used by the sender and this MAC is compared to the MAC sent with the message. If they are not identical, the message was modified en route. Hashing algorithms can be used to generate the MAC and hash algorithms using keys provide stronger protection than ordinary MAC generation.”

Frequency analysis: Message authentication and session values do not protect against frequency analysis, so A and B are eliminated. “Simple substitution and transposition ciphers are vulnerable to attacks that perform frequency analysis. In every language, there are words and patterns that are used more often than others. For instance, in the English language, the words “the,” “and,” “that,” and “is” are very frequent patterns of letters used in messages and conversation. The beginning of messages usually starts “Hello” or “Dear” and ends with “Sincerely” or “Goodbye.” These patterns help attackers figure out the transformation between plaintext to ciphertext, which enables them to figure out the key that was used to perform the transformation. It is important for cryptosystems to not reveal these patterns.” Pg. 507 Shon Harris All-In-One CISSP Certification Exam Guide.

Ciphertext-only attack: Message authentication and session values do not protect against a ciphertext-only attack, so A and B are again eliminated. “Ciphertext-Only Attack: In this type of an attack, an attacker has the ciphertext of several messages. Each of the messages has been encrypted using the same encryption algorithm. The attacker’s goal is to discover the plaintext of the messages by figuring out the key used in the encryption process. Once the attacker figures out the key, she can now decrypt all other messages encrypted with the same key.” Pg 577 Shon Harris All-In-One CISSP Certification Exam Guide.

Birthday attack: “….refer to an attack against the hash function known as the birthday attack.” Pg 162 Krutz: The CISSP Prep Guide. MAC utilizes a hashing function and is therefore susceptible to birthday attack.

Masquerading attacks: Session values (IPSec) do protect against session hijacking but not spoofing, so C is eliminated. “Masquerading Attacks: ….we’ll look at two common masquerading attacks – IP Spoofing and session hijacking.” Pg 275 Tittel: CISSP Study Guide.

Session hijacking: “If session hijacking is a concern on a network, the administrator can implement a protocol that requires mutual authentication between users like IPSec. Because the attacker will not have the necessary credentials to authenticate to a user, she cannot act as an imposter and hijack sessions.” Pg 834 Shon Harris All-In-One CISSP Certification Exam Guide.

Reverse engineering: Message authentication protects against reverse engineering. “The hash function is considered one-way because the original file cannot be created from the message digest.” Pg. 160 Krutz: The CISSP Prep Guide.

Content modification: Message authentication protects against content modification.

Factoring attacks: Message authentication protects against factoring attacks.
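The MAC comparison described in the explanation, bound to a per-session value and a sequence number, as an added example that is not part of the original page. The names `tag`, `send`, `Receiver`, the choice of HMAC-SHA256 and the sample messages are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

def tag(key, session_id, seq, msg):
    # The MAC covers the session value and sequence number, not only the content.
    # session_id is a fixed 16 bytes and seq a fixed 8 bytes, so the encoding is unambiguous.
    header = session_id + struct.pack(">Q", seq)
    return hmac.new(key, header + msg, hashlib.sha256).digest()

def send(key, session_id, seq, msg):
    return (seq, msg, tag(key, session_id, seq, msg))

class Receiver:
    def __init__(self, key, session_id):
        self.key, self.session_id, self.next_seq = key, session_id, 0

    def accept(self, packet):
        seq, msg, mac = packet
        expected = tag(self.key, self.session_id, seq, msg)
        if not hmac.compare_digest(mac, expected):  # constant-time comparison
            return "rejected: bad MAC"
        if seq != self.next_seq:                    # replayed or out-of-order message
            return "rejected: unexpected sequence number"
        self.next_seq += 1
        return "accepted"

def demo():
    key, sid = os.urandom(32), os.urandom(16)       # constructed sample key and session value
    rx = Receiver(key, sid)
    p0 = send(key, sid, 0, b"pay 10 to alice")
    p1 = send(key, sid, 1, b"pay 20 to bob")
    return {
        "genuine": rx.accept(p0),
        # content modification: body changed, original MAC kept
        "modified": rx.accept((1, b"pay 90 to bob", p1[2])),
        # sequence manipulation: valid packet sent a second time
        "replayed": rx.accept(p0),
        # sequence manipulation: sequence number rewritten, MAC no longer matches
        "renumbered": rx.accept((1, p0[1], p0[2])),
        # masquerading: sender does not hold the shared key
        "forged": rx.accept(send(os.urandom(32), sid, 1, b"pay 20 to mallory")),
        # packet MACed under a different session value
        "other_session": rx.accept(send(key, os.urandom(16), 1, b"pay 20 to bob")),
        "in_order": rx.accept(p1),
    }

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:14} {outcome}")
```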

