Chapter 4: Domain 3: Security Architecture and Engineering

  1. What type of sprinkler system would be best for an art gallery?
    A. Wet pipe
    B. Dry pipe
    C. Deluge
    D. Pre-action

Correct Answer and Explanation: D. Answer D is correct; pre-action sprinkler systems lower the chance of accidental discharge by requiring two separate triggers to deploy: the sprinkler head must open and the fire alarm must trigger. These systems lower the risk of false alarms and are typically used in areas where water would cause expensive damage.

Incorrect Answers and Explanations: A, B, and C. Answers A, B, and C are incorrect; all release water after a single trigger. This increases the chance of a false alarm causing expensive damage.

  1. What is the primary drawback to using dogs as a perimeter control?
    A. Training
    B. Cost
    C. Liability
    D. Appearance

Correct Answer and Explanation: C. Answer C is correct; liability is the primary drawback to using dogs as a security control. Dogs may mistakenly attack a person who accidentally enters a controlled area.

Incorrect Answers and Explanations: A, B, and D. Answers A, B, and D are incorrect; they are all potentially valid issues, but are lesser concerns than liability and safety.

  1. The RSA algorithm is based on which one-way function?
    A. Elliptic curves
    B. Discrete logarithm
    C. Frequency distribution
    D. Factoring composite numbers into their primes

Correct Answer and Explanation: D. Answer D is correct; RSA is based on the difficulty of factoring large composite numbers into their primes.

Incorrect Answers and Explanations: A, B, and C. Answers A, B, and C are incorrect. Elliptic curves and discrete logarithms are other types of one-way functions. Frequency distribution is a way to perform cryptanalysis.

  1. Which of the following is true for digital signatures?
    A. The sender encrypts the hash with a public key
    B. The sender encrypts the hash with a private key
    C. The sender encrypts the plaintext with a public key
    D. The sender encrypts the plaintext with a private key

Correct Answer and Explanation: B. Answer B is correct; the sender generates a hash of the plaintext and encrypts the hash with a private key. The recipient decrypts the hash with a public key.

Incorrect Answers and Explanations: A, C, and D. Answers A, C, and D are incorrect. The sender encrypts the hash with the private key, not the public key. The plaintext is hashed, not encrypted.

  1. Which algorithm should you use for a low-power device that must employ digital signatures?
    A. AES
    B. RSA
    C. ECC
    D. ElGamal

Correct Answer and Explanation: C. Answer C is correct; digital signatures require asymmetric encryption. ECC is the strongest asymmetric algorithm per bit of key length. This allows shorter key lengths that require fewer CPU resources.

Incorrect Answers and Explanations: A, B, and D. Answers A, B, and D are incorrect. AES is a symmetric cipher; symmetric ciphers are not used in digital signatures. RSA is based on factoring composite numbers into their primes, and ElGamal is based on discrete logarithms. Both methods provide roughly the same strength per bit and are far weaker per bit than ECC.