CompTIA Security+ Question E-43

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match.
Which of the following describes how the employee is leaking these secrets?

A. Social engineering
B. Steganography
C. Hashing
D. Digital signatures

Answer: B

Explanation:
Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio fi le, or other fi le. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.

CompTIA Security+ Question E-35

Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

A. Hashing
B. Stream ciphers
C. Steganography
D. Block ciphers

Answer: A

Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables one of its characteristics is that it must be one-way – it is not reversible.

CompTIA Security+ Question E-5

Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?

A. Steganography
B. Hashing
C. Encryption
D. Digital Signatures

Answer: D

Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message.

CompTIA Security+ Question D-56

Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).

A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys

Answer: B,D

Explanation:
All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory.

CompTIA Security+ Question C-51

Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?

A. Elliptic curve cryptography.
B. Perfect forward secrecy.
C. Steganography.
D. Quantum cryptography.

Answer: D

Explanation:
Quantum cryptography is a cryptosystem that is completely secure against being compromised without knowledge of the sender or the receiver of the messages.

CompTIA Security+ Question C-26

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?

A. Hashing
B. Key escrow
C. Non-repudiation
D. Steganography

Answer: A

Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and its main characteristics are: It must be one-way – it is not reversible. Variable-length input produces fixed-length output – whether you have two characters or 2 million, the hash size is the same. The algorithm must have few or no collisions – in hashing two different inputs does not give the same output.

CompTIA Security+ Question B-95

A security analyst discovered data such as images and word documents hidden within different types of files. Which of the following cryptographic concepts describes what was discovered?

A. Symmetric encryption
B. Non-repudiation
C. Steganography
D. Hashing

Answer: C

Explanation:
Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.

CompTIA Security+ Question B-25

Which of the following must a user implement if they want to send a secret message to a coworker by embedding it within an image?

A. Transport encryption
B. Steganography
C. Hashing
D. Digital signature

Answer: B

Explanation:
Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.

CompTIA Security+ Question A-78

A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?

A. Encryption
B. Digital signatures
C. Steganography
D. Hashing
E. Perfect forward secrecy

Answer: B

Explanation:
A digital signature is an electronic mechanism to prove that a message was sent from a specific user (that is, it provides for non-repudiation) and that the message wasn’t changed while in transit (it also provides integrity). Thus digital signatures will meet the stated requirements.