1. Which type of encryption uses the same key for both encryption and decryption?
A) Symmetric Encryption ✅
B) Asymmetric Encryption
C) Hashing
D) Digital Signatures
Explanation: Symmetric encryption uses a single shared key for both encryption and decryption, making it faster but requiring secure key exchange.
2. What is the primary disadvantage of symmetric encryption compared to asymmetric encryption?
A) It is too slow
B) It requires secure key exchange ✅
C) It does not use mathematical operations
D) It cannot encrypt large files
Explanation: The biggest challenge in symmetric encryption is the key exchange problem—both sender and receiver must securely share the secret key without interception.
3. Which of the following is an example of symmetric encryption?
A) RSA
B) AES ✅
C) ECC
D) Diffie-Hellman
Explanation: AES (Advanced Encryption Standard) is a widely used symmetric encryption algorithm. RSA and ECC are asymmetric methods.
4. In asymmetric encryption, how many keys are used?
A) 1
B) 2 ✅
C) 3
D) 4
Explanation: Asymmetric encryption uses a key pair—a public key for encryption and a private key for decryption.
5. Which encryption method is faster?
A) Symmetric encryption ✅
B) Asymmetric encryption
C) Both have the same speed
D) None of the above
Explanation: Symmetric encryption is faster because it uses simpler mathematical operations and does not involve complex key pairs like asymmetric encryption.
6. Which asymmetric encryption algorithm is most commonly used for secure data transmission?
A) AES
B) RSA ✅
C) DES
D) Blowfish
Explanation: RSA (Rivest-Shamir-Adleman) is a widely used asymmetric encryption algorithm, especially in TLS/SSL and digital signatures.
7. Which encryption method is best suited for encrypting large amounts of data?
A) Asymmetric Encryption
B) Symmetric Encryption ✅
C) Both are equally good
D) None of the above
Explanation: Symmetric encryption is more efficient for encrypting large files due to its speed advantage over asymmetric encryption.
8. What is the role of the public key in asymmetric encryption?
A) It is used to decrypt messages
B) It is shared openly and used for encryption ✅
C) It must be kept secret
D) It is used to create a one-time password
Explanation: In asymmetric encryption, the public key is freely shared and is used for encrypting data, while the private key is kept secret for decryption.
9. What is the main purpose of asymmetric encryption in SSL/TLS?
A) Encrypt large files
B) Securely exchange session keys ✅
C) Encrypt and decrypt data at high speeds
D) Generate random numbers
Explanation: Asymmetric encryption in SSL/TLS is mainly used to exchange session keys securely. Once exchanged, symmetric encryption is used for data transmission.
10. Which key in asymmetric encryption must always remain secret?
A) Public Key
B) Private Key ✅
C) Both Keys
D) None of the above
Explanation: The private key must never be shared as it is used to decrypt data encrypted with the corresponding public key.
11. Which encryption method is commonly used for digital signatures?
A) Symmetric Encryption
B) Asymmetric Encryption ✅
C) Hashing
D) Steganography
Explanation: Asymmetric encryption is used in digital signatures to verify authenticity and integrity using public-private key pairs.
12. What is the main disadvantage of asymmetric encryption?
A) It is too fast
B) It uses too many keys
C) It is computationally slower ✅
D) It cannot encrypt files
Explanation: Asymmetric encryption is slower due to complex mathematical operations like modular exponentiation, making it inefficient for encrypting large amounts of data.
13. Which encryption method is primarily used in VPNs for encrypting data traffic?
A) Asymmetric Encryption
B) Symmetric Encryption ✅
C) Hashing
D) None of the above
Explanation: VPNs mainly use symmetric encryption (AES, ChaCha20, etc.) because it provides fast and secure encryption for data transmission.
14. What is the key length commonly used in RSA encryption?
A) 128-bit
B) 256-bit
C) 1024-bit or higher ✅
D) 64-bit
Explanation: RSA commonly uses 1024-bit, 2048-bit, or 4096-bit key lengths to provide strong security.
15. Which of the following is NOT a symmetric encryption algorithm?
A) DES
B) RSA ✅
C) AES
D) Blowfish
Explanation: RSA is an asymmetric encryption algorithm, whereas DES, AES, and Blowfish are symmetric.
16. In asymmetric encryption, what happens if a private key is compromised?
A) The public key becomes useless
B) The encryption remains secure
C) The security is completely broken ✅
D) A new key is automatically generated
Explanation: If the private key is compromised, an attacker can decrypt all data encrypted with the corresponding public key, making security vulnerable.
17. Which asymmetric algorithm is based on elliptic curve cryptography (ECC)?
A) AES
B) RSA
C) ECC ✅
D) Blowfish
Explanation: ECC (Elliptic Curve Cryptography) is an asymmetric encryption algorithm that offers strong security with smaller key sizes compared to RSA.
18. What is the primary advantage of ECC over RSA?
A) Faster encryption and decryption
B) Stronger security with smaller key sizes ✅
C) Requires only one key
D) It does not require key exchange
Explanation: ECC provides equivalent security to RSA but with smaller key sizes, making it faster and more efficient.
19. In a hybrid encryption system, what role does asymmetric encryption play?
A) Encrypting the main data
B) Exchanging session keys ✅
C) Encrypting passwords
D) Hashing data
Explanation: Hybrid encryption uses asymmetric encryption to exchange symmetric keys, then symmetric encryption for actual data encryption.
20. Which statement is true about asymmetric encryption?
A) Both parties use the same key
B) The public key is kept secret
C) It uses a public-private key pair ✅
D) It is faster than symmetric encryption
Explanation: Asymmetric encryption relies on a public-private key pair where the public key is shared and the private key is kept secret.
21. Which encryption method is more commonly used in end-to-end encrypted messaging applications like Signal and WhatsApp?
A) Symmetric encryption
B) Asymmetric encryption
C) A combination of both ✅
D) Only hashing
Explanation: End-to-end encrypted messaging apps first use asymmetric encryption (for key exchange) and then switch to symmetric encryption for fast data encryption.
22. What is a common use case for asymmetric encryption in modern web security?
A) Encrypting entire databases
B) Encrypting VPN traffic
C) Secure key exchange in TLS/SSL ✅
D) Encrypting local files
Explanation: Asymmetric encryption is used in TLS/SSL handshakes to securely exchange symmetric keys before encrypting web traffic.
23. Which type of encryption is best suited for encrypting a USB drive?
A) Asymmetric encryption
B) Symmetric encryption ✅
C) Both
D) None
Explanation: Symmetric encryption is best for encrypting USB drives because it is fast and does not require a key pair, making it efficient for storage encryption.
24. Which cryptographic protocol uses asymmetric encryption for digital certificates?
A) AES
B) RSA
C) PKI ✅
D) DES
Explanation: Public Key Infrastructure (PKI) uses asymmetric encryption to manage digital certificates and secure communication.
25. Why is asymmetric encryption not commonly used for encrypting large files?
A) It is not secure
B) It is too slow ✅
C) It requires a shared key
D) It does not work with large files
Explanation: Asymmetric encryption involves complex mathematical calculations, making it too slow for encrypting large files. Instead, symmetric encryption is used for efficiency.
26. What does asymmetric encryption provide that symmetric encryption does not?
A) Faster encryption
B) Higher security
C) Authentication and non-repudiation ✅
D) Lower computational power usage
Explanation: Asymmetric encryption provides authentication and non-repudiation, ensuring that the sender cannot deny sending a message when digital signatures are used.
27. Which key is used to verify a digital signature in asymmetric encryption?
A) Private key
B) Public key ✅
C) Session key
D) Shared key
Explanation: A public key is used to verify a digital signature that was created using a private key.
28. In asymmetric encryption, what happens if the public key is compromised?
A) Encryption is completely broken
B) The private key also gets compromised
C) The encrypted data remains secure ✅
D) The key is automatically replaced
Explanation: The public key is meant to be shared openly, so if it is compromised, the encrypted data is still secure as long as the private key remains secret.
29. Which encryption method is commonly used for email encryption protocols like PGP and S/MIME?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Hashing
D) None of the above
Explanation: PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions) use asymmetric encryption for email security.
30. What is the purpose of key exchange in cryptography?
A) To distribute encryption keys securely ✅
B) To generate random numbers
C) To replace encryption algorithms
D) To decrypt data faster
Explanation: The key exchange process (e.g., Diffie-Hellman) is used to securely distribute encryption keys between communicating parties.
31. What type of encryption is used in blockchain technology for securing transactions?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Only hashing
D) Steganography
Explanation: Blockchain technology uses asymmetric encryption (ECC, RSA) to sign transactions and ensure security.
32. Which type of encryption ensures data confidentiality but not sender authentication?
A) Symmetric encryption ✅
B) Asymmetric encryption
C) Digital signatures
D) None of the above
Explanation: Symmetric encryption only ensures confidentiality, as it does not provide sender authentication or non-repudiation.
33. What is a session key in encryption?
A) A permanent key used for decryption
B) A temporary symmetric key used for a single session ✅
C) A public key used for authentication
D) A key used only for hashing
Explanation: A session key is a temporary symmetric key used for encrypting a session, typically exchanged using asymmetric encryption.
34. In asymmetric encryption, what happens if a private key is lost?
A) The encrypted data becomes inaccessible ✅
B) The public key can recover it
C) A new key pair is automatically generated
D) The encryption is not affected
Explanation: If the private key is lost, the encrypted data cannot be decrypted, making it permanently inaccessible.
35. Which asymmetric encryption algorithm is considered more efficient than RSA in terms of key size?
A) AES
B) ECC ✅
C) DES
D) SHA-256
Explanation: Elliptic Curve Cryptography (ECC) provides the same level of security as RSA but with smaller key sizes, making it more efficient.
36. Which key is used to encrypt data in an asymmetric encryption system?
A) Private key
B) Public key ✅
C) Shared key
D) Secret key
Explanation: In asymmetric encryption, the public key is used for encryption, while the private key is used for decryption.
37. Which of the following is NOT a function of asymmetric encryption?
A) Secure key exchange
B) Digital signatures
C) Large-scale data encryption ✅
D) Authentication
Explanation: Asymmetric encryption is not efficient for large-scale data encryption due to its slow processing speed.
38. What type of encryption is commonly used in disk encryption tools like BitLocker and VeraCrypt?
A) Asymmetric encryption
B) Symmetric encryption ✅
C) Only hashing
D) Quantum encryption
Explanation: Disk encryption tools like BitLocker and VeraCrypt use symmetric encryption (e.g., AES) for fast and secure encryption of stored data.
39. What is one major reason RSA is being replaced by ECC in many applications?
A) RSA is not secure anymore
B) ECC requires smaller key sizes for the same security level ✅
C) RSA uses hashing instead of encryption
D) ECC is not asymmetric
Explanation: ECC offers strong security with smaller key sizes compared to RSA, making it more efficient for modern applications.
40. In hybrid encryption, why is asymmetric encryption used instead of symmetric encryption for key exchange?
A) It is faster than symmetric encryption
B) It provides a secure way to exchange symmetric keys ✅
C) It does not require any computation
D) It can encrypt large files directly
Explanation: Hybrid encryption uses asymmetric encryption to securely exchange a symmetric session key, which is then used for fast data encryption.
41. Which of the following protocols uses asymmetric encryption for secure authentication?
A) SSH ✅
B) WPA2
C) AES
D) MD5
Explanation: SSH (Secure Shell) uses asymmetric encryption for secure authentication before establishing a session, after which it switches to symmetric encryption for faster data transmission.
42. What is the main reason symmetric encryption is preferred for bulk data encryption?
A) It is more secure
B) It requires a key pair
C) It is computationally faster ✅
D) It supports authentication
Explanation: Symmetric encryption is faster because it involves less computational overhead, making it ideal for encrypting large amounts of data.
43. Which asymmetric encryption algorithm is widely used for key exchange?
A) AES
B) Diffie-Hellman ✅
C) DES
D) MD5
Explanation: Diffie-Hellman is a widely used asymmetric key exchange algorithm that allows two parties to securely share a symmetric key over an insecure channel.
44. What is the typical key size range for AES encryption?
A) 56-bit, 128-bit, 512-bit
B) 64-bit, 128-bit, 192-bit
C) 128-bit, 192-bit, 256-bit ✅
D) 512-bit, 1024-bit, 2048-bit
Explanation: AES supports key sizes of 128-bit, 192-bit, and 256-bit, offering strong security and efficiency.
45. Which of the following encryption techniques is most suitable for securing emails?
A) AES
B) RSA ✅
C) DES
D) ChaCha20
Explanation: RSA encryption is commonly used in email security protocols like PGP and S/MIME to encrypt email content and digitally sign messages.
46. Which encryption method is typically used for securing online banking transactions?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Only hashing
D) XOR cipher
Explanation: Asymmetric encryption (RSA, ECC) is used in online banking for secure authentication and key exchange, ensuring secure transactions.
47. Why is symmetric encryption vulnerable when used over an unsecured network?
A) The encryption process is weak
B) It requires a public-private key pair
C) The shared secret key can be intercepted ✅
D) The encryption key is too large
Explanation: Symmetric encryption requires a shared key, which, if transmitted over an unsecured network, can be intercepted by attackers.
48. Which encryption method is often used in hardware security modules (HSMs) for cryptographic operations?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Hashing
D) None of the above
Explanation: HSMs use asymmetric encryption to store and manage cryptographic keys securely, ensuring sensitive keys are not exposed.
49. Which is the biggest weakness of RSA encryption?
A) Too slow for large data encryption ✅
B) Uses the same key for encryption and decryption
C) Cannot be used in TLS
D) Requires no computational power
Explanation: RSA is computationally slow, making it inefficient for large data encryption. Instead, it is mainly used for key exchange and authentication.
50. What is the main benefit of using AES-GCM over AES-CBC?
A) AES-GCM is faster and provides authentication ✅
B) AES-CBC is faster
C) AES-GCM has a smaller key size
D) AES-CBC uses asymmetric encryption
Explanation: AES-GCM (Galois/Counter Mode) is preferred over AES-CBC because it provides both encryption and authentication, making it more secure.
51. What kind of encryption is typically used for encrypting Wi-Fi networks using WPA2?
A) Asymmetric encryption
B) Symmetric encryption ✅
C) Hashing
D) Steganography
Explanation: WPA2 uses symmetric encryption (AES-CCMP) to encrypt Wi-Fi traffic for secure communication.
52. What makes asymmetric encryption more secure than symmetric encryption?
A) Uses larger key sizes and separate keys ✅
B) It is faster
C) The encryption key is always kept secret
D) The same key is used for encryption and decryption
Explanation: Asymmetric encryption uses two keys (public and private), making it more secure since the private key is never shared.
53. What happens if the symmetric encryption key is exposed?
A) The encryption remains secure
B) Encrypted data can be decrypted ✅
C) The attacker cannot do anything
D) The key regenerates automatically
Explanation: If the symmetric key is exposed, an attacker can use it to decrypt all encrypted data, compromising security.
54. Which of the following is a feature of asymmetric encryption?
A) Faster encryption
B) Uses public and private keys ✅
C) Requires a single key
D) Cannot be used for key exchange
Explanation: Asymmetric encryption uses public and private keys, enabling secure key exchange and authentication.
55. Why is AES considered more secure than DES?
A) AES uses larger key sizes ✅
B) DES uses a stronger algorithm
C) AES is a hashing algorithm
D) DES is not an encryption algorithm
Explanation: AES is more secure than DES because it supports larger key sizes (128, 192, 256-bit), whereas DES uses only 56-bit keys, making it weaker.
56. Which encryption method is more resistant to quantum computing attacks?
A) RSA
B) ECC ✅
C) DES
D) AES
Explanation: ECC (Elliptic Curve Cryptography) is considered more resistant to quantum computing attacks compared to RSA due to its shorter but stronger key sizes.
57. What is the purpose of padding in encryption algorithms?
A) To increase the key size
B) To make encrypted data a fixed length ✅
C) To decrease encryption time
D) To replace hashing
Explanation: Padding ensures that encrypted data fits a fixed block size, which is required for many encryption algorithms like AES and RSA.
58. What is the purpose of a nonce in encryption?
A) To act as an additional secret key
B) To prevent replay attacks ✅
C) To decrypt data faster
D) To generate hash values
Explanation: A nonce (number used once) is used in encryption to ensure freshness and prevent replay attacks in cryptographic protocols.
59. Why is hybrid encryption used in modern systems?
A) To combine the speed of symmetric encryption with the security of asymmetric encryption ✅
B) To avoid encryption altogether
C) To use only symmetric encryption
D) To improve key length
Explanation: Hybrid encryption combines asymmetric encryption for secure key exchange with symmetric encryption for fast data encryption, offering the best of both.
60. Which encryption technique is commonly used for securing DNS queries?
A) AES
B) ECC
C) RSA
D) DNSCrypt ✅
Explanation: DNSCrypt is used to encrypt DNS queries, preventing DNS spoofing and interception.
61. Which of the following statements is true about symmetric encryption?
A) It uses two different keys for encryption and decryption
B) It is slower than asymmetric encryption
C) It requires a shared secret key ✅
D) It is primarily used for key exchange
Explanation: Symmetric encryption requires a shared secret key for both encryption and decryption, making it efficient but requiring secure key exchange.
62. Which of the following encryption algorithms is NOT asymmetric?
A) ECC
B) RSA
C) Diffie-Hellman
D) Blowfish ✅
Explanation: Blowfish is a symmetric encryption algorithm, whereas RSA, ECC, and Diffie-Hellman are asymmetric.
63. Which encryption method is best suited for encrypting credit card transactions in online payments?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Hashing
D) Steganography
Explanation: Asymmetric encryption (RSA, ECC) is commonly used in online payments (e.g., PCI DSS compliance) for secure key exchange and transaction protection.
64. What is the main role of asymmetric encryption in digital certificates?
A) Encrypting large files
B) Authenticating the identity of websites ✅
C) Encrypting VPN tunnels
D) Encrypting USB drives
Explanation: Digital certificates (e.g., SSL/TLS) use asymmetric encryption to authenticate websites, ensuring that users communicate with a legitimate server.
65. Which of the following is NOT a primary use case of symmetric encryption?
A) Disk encryption
B) Secure key exchange ✅
C) VPN encryption
D) File encryption
Explanation: Secure key exchange is typically handled by asymmetric encryption (e.g., RSA, Diffie-Hellman), not symmetric encryption.
66. What is a characteristic of asymmetric encryption that makes it useful for digital signatures?
A) It is faster than symmetric encryption
B) It allows authentication and non-repudiation ✅
C) It requires shared keys
D) It does not require a private key
Explanation: Asymmetric encryption allows authentication and non-repudiation, meaning that a digital signature proves the sender’s identity and prevents denial.
67. What happens if a hacker intercepts a public key in asymmetric encryption?
A) They can decrypt the data
B) They can encrypt messages but cannot decrypt them ✅
C) They can steal the private key
D) The encryption is compromised
Explanation: The public key is meant to be shared, and an attacker can encrypt messages but cannot decrypt them without the private key.
68. Which encryption standard is most commonly used in full-disk encryption?
A) RSA
B) ECC
C) AES ✅
D) Diffie-Hellman
Explanation: AES (Advanced Encryption Standard) is commonly used in full-disk encryption tools like BitLocker and VeraCrypt due to its strength and speed.
69. Why are asymmetric encryption keys typically much longer than symmetric keys?
A) They use different mathematical principles ✅
B) They are faster than symmetric encryption
C) They do not require key exchange
D) They are used for hashing
Explanation: Asymmetric encryption keys are longer because they rely on complex mathematical operations like prime factorization (RSA) or elliptic curves (ECC) for security.
70. What is a significant weakness of Diffie-Hellman key exchange?
A) It requires too many keys
B) It does not authenticate the communicating parties ✅
C) It is slower than RSA
D) It cannot be used in SSL/TLS
Explanation: Diffie-Hellman does not provide authentication, making it vulnerable to Man-in-the-Middle (MitM) attacks if used without additional verification.
71. Which encryption method is preferred for encrypting instant messaging conversations?
A) Asymmetric encryption
B) Symmetric encryption ✅
C) Hashing
D) Public key encryption only
Explanation: Messaging apps like WhatsApp and Signal use symmetric encryption (AES, ChaCha20) for real-time communication due to speed and efficiency.
72. What does the term “key exchange” refer to in cryptography?
A) Swapping encryption algorithms
B) Securely sharing encryption keys ✅
C) Changing keys periodically
D) Encrypting password hashes
Explanation: Key exchange refers to securely distributing encryption keys between parties without interception.
73. Which algorithm is considered more efficient for mobile and IoT devices due to its smaller key size?
A) RSA
B) ECC ✅
C) AES
D) SHA-256
Explanation: ECC (Elliptic Curve Cryptography) provides strong security with smaller key sizes, making it ideal for mobile and IoT devices.
74. What is a common use case of asymmetric encryption in email security?
A) Encrypting large attachments
B) Secure key exchange and digital signatures ✅
C) Hiding sender identity
D) Increasing email delivery speed
Explanation: Asymmetric encryption is used in email security protocols (PGP, S/MIME) for secure key exchange and digital signatures.
75. Which encryption type requires both parties to already share a secret key?
A) Asymmetric encryption
B) Symmetric encryption ✅
C) Hybrid encryption
D) Public key infrastructure
Explanation: Symmetric encryption requires both parties to have the same secret key before communication begins.
76. Why is hybrid encryption used in TLS/SSL connections?
A) To eliminate the need for key exchange
B) To combine the speed of symmetric encryption with the security of asymmetric encryption ✅
C) To avoid digital signatures
D) To use only hashing
Explanation: Hybrid encryption combines asymmetric encryption (for key exchange) with symmetric encryption (for fast data transfer), ensuring both security and efficiency.
77. Which of the following is NOT a benefit of asymmetric encryption?
A) Secure communication without prior key sharing
B) Authentication and non-repudiation
C) Fast encryption and decryption ✅
D) Digital signatures
Explanation: Asymmetric encryption is computationally slower compared to symmetric encryption, making it unsuitable for encrypting large data volumes directly.
78. Which attack is asymmetric encryption more resistant to compared to symmetric encryption?
A) Brute force
B) Man-in-the-middle attacks ✅
C) Side-channel attacks
D) Dictionary attacks
Explanation: Asymmetric encryption provides authentication, making it more resistant to Man-in-the-Middle (MitM) attacks compared to symmetric encryption.
79. Which encryption method is typically used in blockchain technology for securing transactions?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Hashing
D) Steganography
Explanation: Blockchain systems use asymmetric encryption (ECC, RSA) for signing transactions and ensuring security.
80. Why is AES-256 considered more secure than AES-128?
A) It uses a longer key, making brute-force attacks more difficult ✅
B) It encrypts data faster
C) It does not require key exchange
D) It is a different encryption algorithm
Explanation: AES-256 uses a 256-bit key, making it more resistant to brute-force attacks compared to AES-128.
81. Which encryption method is commonly used to protect stored passwords?
A) Symmetric encryption
B) Asymmetric encryption
C) Hashing ✅
D) Digital signatures
Explanation: Passwords are typically hashed using algorithms like bcrypt, PBKDF2, or Argon2 instead of being encrypted. Hashing is one-way and helps protect against password leaks.
82. Which attack is asymmetric encryption particularly vulnerable to?
A) Rainbow table attack
B) Side-channel attack ✅
C) Dictionary attack
D) Birthday attack
Explanation: Side-channel attacks exploit timing, power consumption, or electromagnetic leaks from cryptographic operations, making asymmetric encryption vulnerable to such attacks.
83. In asymmetric encryption, what is the role of a certificate authority (CA)?
A) Encrypts and decrypts data
B) Issues and verifies digital certificates ✅
C) Generates symmetric keys
D) Stores private keys for users
Explanation: A certificate authority (CA) issues digital certificates to verify the authenticity of websites and users in public key infrastructure (PKI).
84. Which of the following is an advantage of symmetric encryption over asymmetric encryption?
A) It provides better authentication
B) It is faster and more efficient ✅
C) It does not require secure key exchange
D) It supports digital signatures
Explanation: Symmetric encryption is significantly faster than asymmetric encryption because it uses simpler mathematical operations.
85. What is the primary goal of public key cryptography?
A) Secure key exchange ✅
B) Encrypting large volumes of data
C) Hashing data
D) Storing passwords securely
Explanation: Public key cryptography (asymmetric encryption) is primarily used for secure key exchange and authentication.
86. Which of the following statements about asymmetric encryption is false?
A) It uses a key pair
B) It is typically slower than symmetric encryption
C) It is primarily used for digital signatures
D) It is used in full-disk encryption ✅
Explanation: Full-disk encryption typically uses symmetric encryption (AES) because it is faster and more efficient for encrypting large amounts of data.
87. What does the term “public key infrastructure (PKI)” refer to?
A) A framework for managing digital certificates and keys ✅
B) A specific encryption algorithm
C) A symmetric encryption method
D) A method for generating hashes
Explanation: PKI is a framework that includes certificate authorities (CAs), digital certificates, key pairs, and trust hierarchies for managing public-key cryptography.
88. Which key exchange algorithm is commonly used alongside RSA in TLS?
A) Blowfish
B) AES
C) Diffie-Hellman ✅
D) MD5
Explanation: Diffie-Hellman (DH) key exchange is often used in TLS/SSL to securely exchange symmetric keys for encrypted communication.
89. In an asymmetric encryption system, which key is used to create a digital signature?
A) Public key
B) Private key ✅
C) Symmetric key
D) Session key
Explanation: A private key is used to sign messages digitally, and the recipient verifies the signature using the public key.
90. Why is AES commonly used for data encryption instead of RSA?
A) AES is more secure than RSA
B) AES is much faster ✅
C) RSA is outdated
D) AES uses a public-private key pair
Explanation: AES is much faster than RSA, making it more suitable for encrypting large volumes of data. RSA is mainly used for key exchange.
91. What is the key size typically used for RSA encryption in modern applications?
A) 128-bit
B) 256-bit
C) 2048-bit ✅
D) 4096-bit
Explanation: Modern applications use 2048-bit RSA keys for security, while 4096-bit keys offer even stronger protection but are less commonly used due to computational overhead.
92. What is the primary security risk of using weak symmetric encryption algorithms like DES?
A) Too many keys are required
B) They are vulnerable to brute-force attacks ✅
C) They cannot encrypt data
D) They do not require key exchange
Explanation: DES uses a 56-bit key, which is weak by today’s standards and can be brute-forced easily, making it insecure for modern applications.
93. Which encryption algorithm is recommended for securing sensitive data at rest?
A) RSA
B) AES-256 ✅
C) MD5
D) SHA-1
Explanation: AES-256 is widely recommended for encrypting sensitive data at rest due to its strong security and resistance to brute-force attacks.
94. What does “ephemeral” mean in the context of Diffie-Hellman key exchange?
A) The key is stored permanently
B) The key is randomly generated for each session ✅
C) The key is publicly shared
D) The key can be reused multiple times
Explanation: Ephemeral Diffie-Hellman (EDH) generates a new key for each session, enhancing security by preventing key reuse.
95. What encryption method is commonly used in Zero Trust security models?
A) Symmetric encryption
B) Asymmetric encryption ✅
C) Hashing
D) Digital signatures
Explanation: Asymmetric encryption is commonly used in Zero Trust models for authentication and secure key exchange.
96. Which is a potential risk of using RSA for encryption in the future?
A) It is too fast
B) Quantum computers can break it ✅
C) It cannot be used with digital certificates
D) It does not require key exchange
Explanation: Quantum computers are expected to break RSA encryption using Shor’s algorithm, making post-quantum cryptography necessary.
97. What encryption method is commonly used in IPsec for securing VPNs?
A) RSA
B) AES ✅
C) SHA-256
D) ECC
Explanation: AES encryption is used in IPsec VPNs to secure data traffic, ensuring confidentiality and integrity.
98. Which encryption technique is best suited for encrypting IoT devices with limited processing power?
A) RSA
B) ECC ✅
C) AES-256
D) Blowfish
Explanation: ECC is preferred for IoT devices because it offers strong security with smaller key sizes, making it computationally efficient.
99. What is one advantage of using AES-GCM over AES-CBC?
A) AES-GCM is more vulnerable to attacks
B) AES-GCM provides built-in authentication ✅
C) AES-CBC is more secure
D) AES-GCM requires a private key
Explanation: AES-GCM (Galois/Counter Mode) provides both encryption and authentication, whereas AES-CBC does not offer built-in authentication.
100. What is the main difference between symmetric and asymmetric encryption?
A) Symmetric encryption uses one key; asymmetric encryption uses a key pair ✅
B) Asymmetric encryption is faster than symmetric encryption
C) Symmetric encryption is only used in blockchain
D) Symmetric encryption cannot be used for secure communication
Explanation: Symmetric encryption uses a single key for both encryption and decryption, while asymmetric encryption uses a key pair (public and private keys).
101. Which encryption method is typically used in end-to-end encryption (E2EE) for chat applications?
A) Symmetric encryption ✅
B) Asymmetric encryption
C) Only hashing
D) Steganography
Explanation: Symmetric encryption (AES, ChaCha20) is used for encrypting chat messages after an asymmetric key exchange is completed for secure session establishment.
102. Why is a key exchange mechanism necessary in encryption?
A) To generate symmetric keys securely ✅
B) To authenticate users
C) To prevent brute-force attacks
D) To encrypt large data files
Explanation: Key exchange mechanisms like Diffie-Hellman allow two parties to securely generate and share symmetric keys without exposing them over the network.
103. In asymmetric encryption, what ensures that a public key belongs to the correct entity?
A) Digital certificate ✅
B) Hashing
C) Encryption algorithm
D) Private key
Explanation: A digital certificate, issued by a Certificate Authority (CA), verifies the authenticity of a public key and ensures it belongs to a trusted entity.
104. What is the purpose of a salt in encryption?
A) To increase key length
B) To prevent dictionary attacks on encrypted passwords ✅
C) To generate random numbers
D) To speed up encryption
Explanation: A salt is a random value added to passwords before encryption/hashing to protect against rainbow table and dictionary attacks.
105. Which encryption algorithm is considered quantum-resistant?
A) RSA
B) AES-256 ✅
C) ECC
D) Diffie-Hellman
Explanation: AES-256 is considered quantum-resistant because even quantum computers would require an infeasible amount of time to break its key through brute force.
106. Which is a disadvantage of using asymmetric encryption for data transmission?
A) It is slower than symmetric encryption ✅
B) It cannot be used for authentication
C) It does not support key exchange
D) It does not provide confidentiality
Explanation: Asymmetric encryption is computationally intensive, making it slower than symmetric encryption for encrypting large amounts of data.
107. What is a session key in encryption?
A) A long-term symmetric key
B) A one-time-use symmetric key for a communication session ✅
C) A private key used in asymmetric encryption
D) A key that never expires
Explanation: A session key is a temporary symmetric key used during a communication session and discarded after use to improve security.
108. Why is asymmetric encryption not used for file encryption?
A) It is not secure
B) It is too slow ✅
C) It does not provide confidentiality
D) It requires a shared secret
Explanation: Asymmetric encryption is too slow for encrypting large files, so it is mainly used for secure key exchange, while symmetric encryption handles the data encryption.
109. Which encryption method is best suited for securing API keys?
A) Symmetric encryption ✅
B) Asymmetric encryption
C) Hashing
D) Digital certificates
Explanation: Symmetric encryption (AES, ChaCha20) is typically used for securing API keys in database storage and transmission.
110. What is the purpose of Transport Layer Security (TLS)?
A) To encrypt network communication ✅
B) To generate encryption keys
C) To verify digital signatures
D) To store passwords securely
Explanation: TLS encrypts network communication to protect data transmitted over the internet, using both asymmetric and symmetric encryption.
111. In a hybrid encryption system, what happens after a symmetric key is exchanged?
A) The system switches to symmetric encryption for data transmission ✅
B) The asymmetric encryption is used permanently
C) The session key is discarded
D) The data remains unencrypted
Explanation: Hybrid encryption uses asymmetric encryption to exchange a symmetric key, after which all further communication is encrypted using faster symmetric encryption.
112. What is a brute-force attack in the context of encryption?
A) Intercepting encrypted messages
B) Trying every possible key combination to decrypt data ✅
C) Sending fake certificates
D) Manipulating digital signatures
Explanation: A brute-force attack attempts all possible key values until the correct one is found, making encryption strength dependent on key length.
113. Which of the following is a fundamental requirement for symmetric encryption?
A) A certificate authority
B) A key exchange mechanism
C) A shared secret key ✅
D) A private-public key pair
Explanation: Symmetric encryption requires both parties to share the same secret key to encrypt and decrypt data.
114. What is the main reason for using asymmetric encryption in email communication?
A) To prevent emails from being intercepted
B) To securely exchange encryption keys ✅
C) To increase email speed
D) To replace symmetric encryption
Explanation: Asymmetric encryption (e.g., PGP, S/MIME) is used in email communication to securely exchange encryption keys before encrypting email contents.
115. What type of attack does asymmetric encryption help mitigate?
A) Phishing
B) Man-in-the-Middle (MitM) ✅
C) Buffer overflow
D) SQL injection
Explanation: Asymmetric encryption provides authentication and secure key exchange, preventing Man-in-the-Middle (MitM) attacks.
116. Why is ECC becoming more popular than RSA?
A) It is easier to implement
B) It provides equivalent security with smaller key sizes ✅
C) It is faster than AES
D) It does not require a key pair
Explanation: ECC provides the same security as RSA but with smaller key sizes, making it more efficient for modern applications.
117. What happens if the private key in an asymmetric encryption system is compromised?
A) The public key is also compromised
B) All encrypted data can be decrypted ✅
C) The key pair automatically regenerates
D) The encryption remains secure
Explanation: If the private key is compromised, any data encrypted with the corresponding public key can be decrypted, breaking security.
118. What is the primary advantage of using asymmetric encryption for digital signatures?
A) It is faster than symmetric encryption
B) It provides integrity, authentication, and non-repudiation ✅
C) It does not require a key pair
D) It can be used for bulk data encryption
Explanation: Digital signatures use asymmetric encryption to ensure data integrity, authentication, and non-repudiation, proving the sender’s identity.
119. Which encryption method is most commonly used for secure email attachments?
A) AES ✅
B) RSA
C) ECC
D) MD5
Explanation: AES (symmetric encryption) is used for encrypting email attachments because it is fast and efficient, often combined with asymmetric encryption for key exchange.
120. How does asymmetric encryption contribute to securing HTTPS connections?
A) It encrypts all website content
B) It ensures the confidentiality of passwords
C) It helps establish a secure connection via key exchange ✅
D) It replaces the need for digital certificates
Explanation: Asymmetric encryption (RSA, ECC) is used in HTTPS for secure key exchange, allowing symmetric encryption (AES) to be used for data transmission.
121. What is the primary reason asymmetric encryption is used in blockchain technology?
A) To encrypt large amounts of data
B) To secure user identities and transactions ✅
C) To improve hashing algorithms
D) To increase transaction speed
Explanation: Asymmetric encryption (ECC, RSA) is used in blockchain to sign transactions securely and authenticate users without exposing private keys.
122. Which of the following is NOT a common use of asymmetric encryption?
A) Digital signatures
B) Secure key exchange
C) Encrypting entire hard drives ✅
D) Authenticating websites
Explanation: Asymmetric encryption is not used for full-disk encryption because it is computationally slower than symmetric encryption. AES is commonly used for this purpose.
123. What is an essential feature of symmetric encryption algorithms like AES?
A) Uses a key pair
B) Uses the same key for encryption and decryption ✅
C) Requires a Certificate Authority
D) Uses modular exponentiation
Explanation: Symmetric encryption relies on a single shared key for both encryption and decryption, making it faster than asymmetric methods.
124. Why is asymmetric encryption often used in software licensing?
A) To prevent unauthorized copying ✅
B) To speed up software execution
C) To hash license keys
D) To replace symmetric encryption
Explanation: Asymmetric encryption ensures that only verified license keys can be decrypted and validated, preventing piracy and unauthorized software use.
125. What is one major drawback of symmetric encryption compared to asymmetric encryption?
A) It requires a Certificate Authority
B) It is computationally slower
C) It requires a secure method for key exchange ✅
D) It does not support confidentiality
Explanation: Symmetric encryption requires a secure key exchange method to prevent attackers from intercepting the secret key.
126. Which encryption method is more resistant to brute-force attacks?
A) AES-256 ✅
B) RSA-1024
C) DES
D) MD5
Explanation: AES-256 is highly resistant to brute-force attacks due to its 256-bit key length, whereas RSA-1024 is now considered weaker due to advances in computing power.
127. What is a key escrow system in encryption?
A) A system that securely stores encryption keys for recovery ✅
B) A system that generates random keys
C) A method to exchange private keys
D) A type of hashing algorithm
Explanation: Key escrow systems store encryption keys securely for later recovery, often used in law enforcement and enterprise environments.
128. Which of the following is a real-world example of hybrid encryption?
A) HTTPS ✅
B) MD5 hashing
C) DES encryption
D) Digital signatures
Explanation: HTTPS uses hybrid encryption, where asymmetric encryption (RSA, ECC) is used for key exchange, and symmetric encryption (AES) is used for data transmission.
129. Which factor makes asymmetric encryption less efficient for encrypting large data?
A) It uses a single key
B) It requires both parties to share a secret
C) It requires complex mathematical computations ✅
D) It does not support encryption
Explanation: Asymmetric encryption relies on complex mathematical calculations, making it computationally intensive and less efficient for large data encryption.
130. What is an advantage of symmetric encryption over asymmetric encryption?
A) It provides better authentication
B) It uses shorter key lengths for the same level of security ✅
C) It eliminates the need for key exchange
D) It supports digital signatures
Explanation: Symmetric encryption can provide strong security with shorter key lengths, making it more efficient than asymmetric encryption in many scenarios.
131. Which encryption method is most commonly used in mobile payment systems like Apple Pay and Google Pay?
A) AES ✅
B) RSA
C) SHA-256
D) DES
Explanation: AES encryption is used in mobile payment systems to secure transactions quickly and efficiently.
132. What is a common feature of asymmetric encryption algorithms?
A) They use a single key
B) They require a shared secret
C) They involve a public-private key pair ✅
D) They encrypt data faster than symmetric encryption
Explanation: Asymmetric encryption relies on public-private key pairs, where the public key is used for encryption, and the private key is used for decryption.
133. Which attack is asymmetric encryption particularly vulnerable to?
A) Quantum computing attacks ✅
B) SQL injection
C) Man-in-the-Middle attacks
D) Cross-site scripting
Explanation: Asymmetric encryption (e.g., RSA) is vulnerable to quantum computing attacks, which can break its security using algorithms like Shor’s algorithm.
134. Why is the Advanced Encryption Standard (AES) widely used?
A) It is the fastest asymmetric encryption algorithm
B) It is easy to break
C) It offers a strong balance between security and performance ✅
D) It requires a Certificate Authority
Explanation: AES provides a strong balance between speed and security, making it the standard for government and commercial encryption.
135. What is a major advantage of Elliptic Curve Cryptography (ECC) over RSA?
A) It requires larger key sizes
B) It provides the same security with smaller key sizes ✅
C) It is slower than RSA
D) It does not require public-private keys
Explanation: ECC provides the same level of security as RSA but with much smaller key sizes, making it more efficient for mobile and IoT applications.
136. In asymmetric encryption, what ensures that only the intended recipient can decrypt a message?
A) The public key
B) The private key ✅
C) The encryption algorithm
D) The hash function
Explanation: Only the private key can decrypt a message encrypted with the corresponding public key, ensuring confidentiality.
137. Which of the following is a key advantage of hybrid encryption?
A) It eliminates the need for key exchange
B) It speeds up asymmetric encryption
C) It combines the efficiency of symmetric encryption with the security of asymmetric encryption ✅
D) It replaces hashing
Explanation: Hybrid encryption combines asymmetric encryption for secure key exchange and symmetric encryption for fast data transmission.
138. What is the key length of AES-128?
A) 64-bit
B) 128-bit ✅
C) 256-bit
D) 512-bit
Explanation: AES-128 uses a 128-bit key length, making it highly secure while being more efficient than AES-256 in some scenarios.
139. What is the primary weakness of RSA-1024 encryption?
A) It is vulnerable to brute-force attacks
B) It is slow for key exchange
C) It is becoming weak due to advances in computing power ✅
D) It does not support public-private keys
Explanation: RSA-1024 is considered weak due to advances in computing power, and RSA-2048 or ECC is now recommended for security.
140. Which protocol commonly uses asymmetric encryption to establish a secure connection?
A) HTTP
B) SSH ✅
C) FTP
D) SNMP
Explanation: SSH (Secure Shell) uses asymmetric encryption for authentication and session key exchange, securing remote access to servers.
141. Which encryption algorithm is used in the Signal messaging protocol for secure communication?
A) RSA
B) AES
C) X3DH and Double Ratchet Algorithm ✅
D) SHA-256
Explanation: The Signal protocol uses X3DH (Extended Triple Diffie-Hellman) for key exchange and the Double Ratchet Algorithm for continuous encryption key updates, ensuring forward secrecy.
142. What is the primary purpose of asymmetric encryption in secure boot processes?
A) Encrypting the firmware
B) Verifying the integrity and authenticity of firmware and OS ✅
C) Increasing the system boot speed
D) Generating random encryption keys
Explanation: Asymmetric encryption (RSA/ECC) is used in secure boot to verify digital signatures on firmware or OS components, preventing unauthorized modifications.
143. Which encryption method is more vulnerable to a birthday attack?
A) RSA
B) AES
C) Hashing algorithms like MD5 and SHA-1 ✅
D) ECC
Explanation: Birthday attacks exploit hash function collisions (especially in weaker algorithms like MD5 and SHA-1), reducing the effectiveness of cryptographic hashing.
144. Which encryption algorithm is typically used to protect credit card transactions under PCI DSS compliance?
A) DES
B) RSA
C) AES ✅
D) MD5
Explanation: PCI DSS (Payment Card Industry Data Security Standard) recommends AES encryption for securing credit card transactions due to its strength and efficiency.
145. Why is asymmetric encryption important in multi-factor authentication (MFA)?
A) It encrypts user passwords
B) It prevents brute-force attacks
C) It ensures secure key exchange for authentication tokens ✅
D) It replaces the need for biometric authentication
Explanation: Asymmetric encryption is used in MFA to securely exchange authentication tokens, ensuring secure access to accounts without revealing private credentials.
146. What makes asymmetric encryption suitable for email encryption?
A) It encrypts entire email servers
B) It allows encrypted communication without prior key exchange ✅
C) It replaces hashing
D) It speeds up email delivery
Explanation: Asymmetric encryption allows users to encrypt emails without needing a pre-shared key, making it ideal for PGP and S/MIME-based email security.
147. What is the primary advantage of using a Hardware Security Module (HSM) for encryption key management?
A) It accelerates encryption processing
B) It securely generates, stores, and manages encryption keys ✅
C) It eliminates the need for encryption
D) It reduces network latency
Explanation: HSMs securely generate, store, and manage encryption keys to prevent unauthorized access and tampering.
148. Which encryption technique is used to verify the integrity of a software update before installation?
A) Hashing and asymmetric encryption ✅
B) Only symmetric encryption
C) Plaintext verification
D) XOR cipher
Explanation: Digital signatures (asymmetric encryption) and hashing (SHA-256, SHA-512) are used to verify the authenticity and integrity of software updates before installation.
149. What is a cipher suite in TLS?
A) A set of cryptographic algorithms used for secure communication ✅
B) A list of brute-force attack methods
C) A blockchain encryption protocol
D) A key exchange database
Explanation: A TLS cipher suite is a collection of cryptographic algorithms (including key exchange, encryption, and hashing) used to establish a secure connection.
150. Which of the following is NOT a common encryption mode in AES?
A) ECB
B) CBC
C) GCM
D) RSA ✅
Explanation: RSA is not an AES mode; it is an asymmetric encryption algorithm. AES modes include ECB, CBC, GCM, and CTR.
151. Why is the ECB (Electronic Codebook) mode of AES encryption considered insecure?
A) It uses too many encryption keys
B) It encrypts each block of plaintext independently, revealing patterns in data ✅
C) It requires asymmetric encryption
D) It generates weak encryption keys
Explanation: ECB encrypts identical plaintext blocks to identical ciphertext blocks, making it vulnerable to pattern analysis attacks.
152. What role does asymmetric encryption play in blockchain consensus mechanisms?
A) It encrypts the entire blockchain
B) It validates digital signatures in transactions ✅
C) It replaces hashing algorithms
D) It speeds up mining operations
Explanation: Asymmetric encryption (RSA/ECC) is used in blockchain to validate digital signatures, ensuring transactions are verified and tamper-proof.
153. What is a major advantage of using hybrid encryption in secure messaging apps?
A) It encrypts messages twice for better security
B) It combines the efficiency of symmetric encryption with the security of asymmetric encryption ✅
C) It eliminates the need for a key exchange
D) It only uses hashing for authentication
Explanation: Hybrid encryption combines asymmetric encryption (for key exchange) and symmetric encryption (for fast and efficient data encryption) in secure messaging apps.
154. Why is ChaCha20 considered an alternative to AES for encryption?
A) It is an asymmetric encryption algorithm
B) It is optimized for software performance and does not require hardware acceleration ✅
C) It replaces digital signatures
D) It only supports 128-bit keys
Explanation: ChaCha20 is a symmetric encryption algorithm optimized for high performance in software, making it a good alternative to AES on devices without hardware acceleration.
155. Which of the following protocols uses asymmetric encryption for initial key exchange but switches to symmetric encryption for bulk data transfer?
A) FTP
B) TLS/SSL ✅
C) SHA-256
D) MD5
Explanation: TLS/SSL uses asymmetric encryption (RSA, ECC) for key exchange and then switches to symmetric encryption (AES, ChaCha20) for secure communication.
156. What is an example of a common quantum-safe encryption method being researched?
A) Lattice-based cryptography ✅
B) AES-128
C) RSA-2048
D) SHA-1
Explanation: Lattice-based cryptography is one of the promising post-quantum cryptographic methods that is being researched to resist quantum computing attacks.
157. Why is the key length of AES-256 significantly stronger than AES-128?
A) It uses different encryption algorithms
B) It has a larger key space, making brute-force attacks significantly harder ✅
C) It eliminates the need for key exchange
D) It only works with RSA
Explanation: AES-256 has a larger key space (2^256 possible keys), making brute-force attacks infeasible compared to AES-128.
158. Which of the following is an asymmetric encryption key length commonly used for strong security?
A) 1024-bit
B) 2048-bit ✅
C) 512-bit
D) 128-bit
Explanation: 2048-bit RSA keys are commonly used today for strong security, while 1024-bit keys are now considered weak.
159. What does Perfect Forward Secrecy (PFS) ensure in encrypted communication?
A) It prevents attackers from decrypting past sessions even if they obtain the private key ✅
B) It increases the encryption speed
C) It allows symmetric encryption without a key exchange
D) It only works with RSA
Explanation: PFS ensures that even if a private key is compromised, past encrypted sessions remain secure, as new session keys are generated for each connection.
160. Which cryptographic attack method is particularly effective against weak asymmetric encryption keys?
A) Side-channel attack
B) Man-in-the-Middle attack
C) Factorization attack ✅
D) Hash collision attack
Explanation: Factorization attacks exploit the mathematical structure of RSA keys, making them vulnerable if the key length is too short (e.g., RSA-1024).
161. Which of the following is a key weakness of RSA encryption?
A) It uses block ciphers
B) It is vulnerable to factoring attacks if the key size is too small ✅
C) It does not support digital signatures
D) It cannot be used for encryption
Explanation: RSA encryption relies on the difficulty of factoring large prime numbers; however, if the key size is too small (e.g., RSA-1024), it becomes vulnerable to factorization attacks.
162. What is the main security risk of using expired or revoked digital certificates in asymmetric encryption?
A) The encryption algorithm becomes invalid
B) The certificate may be compromised, leading to impersonation attacks ✅
C) The encryption speed decreases
D) The public key is deleted automatically
Explanation: Using expired or revoked digital certificates can allow attackers to impersonate a legitimate entity, leading to phishing or MITM (Man-in-the-Middle) attacks.
163. What encryption method does TLS 1.3 use for key exchange instead of RSA?
A) AES
B) Diffie-Hellman Ephemeral (DHE) and Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) ✅
C) SHA-512
D) MD5
Explanation: TLS 1.3 removes RSA key exchange and instead relies on Diffie-Hellman Ephemeral (DHE) and Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) for forward secrecy.
164. Why is ECC considered a more efficient alternative to RSA?
A) It does not require key pairs
B) It is easier to break
C) It provides the same security as RSA with much smaller key sizes ✅
D) It replaces symmetric encryption
Explanation: Elliptic Curve Cryptography (ECC) provides the same level of security as RSA but with much smaller key sizes, making it faster and more efficient.
165. What is the role of key stretching in encryption?
A) To make brute-force attacks more difficult ✅
B) To replace hashing algorithms
C) To speed up encryption
D) To increase the encryption key size
Explanation: Key stretching (e.g., PBKDF2, bcrypt, Argon2) applies additional computational work to make brute-force attacks significantly more difficult.
166. Why are quantum computers considered a threat to asymmetric encryption?
A) They can factor large prime numbers efficiently ✅
B) They decrease encryption speed
C) They eliminate the need for key exchange
D) They break symmetric encryption faster than asymmetric encryption
Explanation: Quantum computers, using Shor’s algorithm, can efficiently factor large prime numbers, making RSA, ECC, and DSA vulnerable in the future.
167. What is the primary benefit of using a nonce in symmetric encryption?
A) It allows for key exchange
B) It prevents replay attacks ✅
C) It speeds up encryption
D) It generates new keys
Explanation: A nonce (number used once) ensures that encrypted messages are unique, preventing replay attacks where old encrypted data is resent maliciously.
168. What is the main disadvantage of using RSA for key exchange compared to Diffie-Hellman?
A) RSA cannot be used for key exchange
B) RSA does not support digital signatures
C) RSA does not provide Perfect Forward Secrecy (PFS) ✅
D) Diffie-Hellman is slower than RSA
Explanation: Diffie-Hellman (DH) and its elliptic curve variant (ECDH) provide Perfect Forward Secrecy (PFS), ensuring past communications remain secure even if a private key is compromised.
169. Which of the following encryption methods is most resistant to brute-force attacks?
A) DES
B) RSA-1024
C) AES-256 ✅
D) MD5
Explanation: AES-256 has a large key space (2^256 possible keys), making brute-force attacks practically impossible with current computing power.
170. What is a key advantage of using hybrid encryption in secure file transfers?
A) It eliminates the need for encryption
B) It replaces public-key cryptography
C) It combines the speed of symmetric encryption with the security of asymmetric encryption ✅
D) It does not require key exchange
Explanation: Hybrid encryption allows fast file encryption using symmetric encryption (e.g., AES) while securely exchanging keys using asymmetric encryption (e.g., RSA).
171. Which of the following algorithms is NOT typically used for asymmetric encryption?
A) RSA
B) Diffie-Hellman
C) AES ✅
D) ECC
Explanation: AES is a symmetric encryption algorithm, whereas RSA, Diffie-Hellman, and ECC are used for asymmetric encryption.
172. What makes AES more efficient than RSA for encrypting large files?
A) AES uses longer key lengths
B) AES operates faster with block cipher modes ✅
C) AES does not require a key
D) RSA is optimized for encrypting large files
Explanation: AES is optimized for encrypting large amounts of data efficiently using block cipher modes like CBC and GCM, making it faster than RSA.
173. What encryption algorithm is commonly used in Secure Shell (SSH) for authentication?
A) RSA ✅
B) DES
C) MD5
D) ECB
Explanation: SSH uses RSA (or sometimes ECC or Ed25519) for public-key authentication, allowing secure remote access without passwords.
174. What is a key characteristic of ephemeral keys in encryption?
A) They are generated for each session and discarded afterward ✅
B) They are used for digital signatures
C) They are never changed
D) They are symmetric keys
Explanation: Ephemeral keys are temporary and generated for a single session, ensuring Perfect Forward Secrecy (PFS) in protocols like TLS.
175. What is the recommended key length for ECC to achieve the same security as RSA-2048?
A) 128-bit
B) 256-bit ✅
C) 512-bit
D) 1024-bit
Explanation: ECC-256 provides the same security strength as RSA-2048 but with significantly smaller key sizes and computational efficiency.
176. Which of the following is a cryptographic attack that targets RSA encryption?
A) Meet-in-the-middle attack
B) Birthday attack
C) Factorization attack ✅
D) Rainbow table attack
Explanation: Factorization attacks exploit RSA’s reliance on the difficulty of factoring large prime numbers, making short RSA key lengths vulnerable.
177. What is the primary role of a public key in asymmetric encryption?
A) Encrypt data that can only be decrypted by the corresponding private key ✅
B) Decrypt data
C) Replace digital certificates
D) Hash passwords
Explanation: The public key is used for encrypting messages that only the corresponding private key can decrypt, ensuring confidentiality.
178. What is an important security benefit of using digital signatures?
A) They provide confidentiality
B) They ensure data integrity and authentication ✅
C) They replace symmetric encryption
D) They eliminate the need for hashing
Explanation: Digital signatures verify the authenticity and integrity of messages, ensuring they haven’t been tampered with during transmission.
179. Why is SHA-1 no longer considered secure for encryption purposes?
A) It is too slow
B) It does not support key exchange
C) It is vulnerable to collision attacks ✅
D) It is based on symmetric encryption
Explanation: SHA-1 is vulnerable to collision attacks, where two different inputs produce the same hash, making it insecure for cryptographic applications.
180. What is a major limitation of DES encryption?
A) It requires public-key infrastructure
B) It uses a weak 56-bit key, making it vulnerable to brute-force attacks ✅
C) It is slower than RSA
D) It does not use block ciphers
Explanation: DES (Data Encryption Standard) has a small 56-bit key size, making it vulnerable to brute-force attacks. AES has since replaced DES for stronger security.
181. What is the main advantage of using Elliptic Curve Cryptography (ECC) over RSA for encryption?
A) It uses symmetric keys
B) It is faster and provides the same security with smaller key sizes ✅
C) It does not require a public-private key pair
D) It does not support digital signatures
Explanation: ECC offers the same level of security as RSA but with much smaller key sizes, making it more efficient for mobile and IoT applications.
182. What is the purpose of the “nonce” in encryption algorithms like AES-GCM?
A) It speeds up encryption
B) It ensures each encryption operation is unique ✅
C) It replaces digital signatures
D) It acts as a public key
Explanation: A nonce (number used once) ensures that each encryption operation is unique, preventing replay attacks and increasing security.
183. Which cryptographic concept ensures that encrypted data remains secure even if an encryption key is compromised in the future?
A) Public Key Infrastructure (PKI)
B) Perfect Forward Secrecy (PFS) ✅
C) Digital Signatures
D) Hashing
Explanation: Perfect Forward Secrecy (PFS) ensures that past encrypted communications remain secure even if long-term encryption keys are compromised.
184. What encryption method is used in Bitcoin for securing wallet addresses?
A) AES
B) RSA
C) ECC (Elliptic Curve Cryptography) ✅
D) SHA-256
Explanation: Bitcoin uses ECC (specifically secp256k1) to generate cryptographic keys for wallet addresses, ensuring strong security with small key sizes.
185. What is a major benefit of using hybrid encryption in TLS/SSL connections?
A) It uses symmetric encryption only
B) It eliminates the need for digital certificates
C) It combines the speed of symmetric encryption with the security of asymmetric encryption ✅
D) It replaces hashing algorithms
Explanation: Hybrid encryption allows secure key exchange using asymmetric encryption (RSA, ECC) and fast data encryption using symmetric encryption (AES, ChaCha20).
186. Which asymmetric encryption algorithm is recommended for post-quantum cryptography?
A) RSA-4096
B) Lattice-based cryptography ✅
C) AES-512
D) SHA-3
Explanation: Lattice-based cryptography is one of the leading candidates for post-quantum encryption, as it is resistant to quantum computing attacks.
187. What is the main reason for deprecating RSA-1024 in modern encryption standards?
A) It is too slow
B) It is vulnerable to brute-force attacks
C) Advances in computing power make it easier to factor ✅
D) It requires a private key
Explanation: RSA-1024 is deprecated because modern computing power makes it feasible to factor the encryption key, reducing its security.
188. Which encryption algorithm is used for securing biometric authentication systems?
A) AES ✅
B) RSA
C) SHA-256
D) MD5
Explanation: Biometric authentication systems use AES to encrypt and protect biometric data, ensuring secure storage and transmission.
189. What is the primary reason AES-GCM is preferred over AES-CBC for encryption?
A) AES-GCM provides built-in authentication and integrity checking ✅
B) AES-GCM uses larger key sizes
C) AES-CBC is faster
D) AES-CBC does not require initialization vectors
Explanation: AES-GCM (Galois/Counter Mode) includes authentication and integrity verification, making it more secure than AES-CBC, which requires separate integrity protection.
190. What type of encryption is commonly used in RFID systems for access control?
A) ECC
B) AES ✅
C) SHA-512
D) DES
Explanation: AES encryption is commonly used in RFID-based access control systems to prevent cloning and unauthorized access.
191. What is the primary weakness of DES encryption?
A) It is asymmetric
B) It has a small key size (56-bit), making it vulnerable to brute-force attacks ✅
C) It does not support key exchange
D) It is too fast
Explanation: DES uses a 56-bit key, which is too short by modern security standards, making it vulnerable to brute-force attacks.
192. Why is AES-256 considered quantum-resistant?
A) It uses elliptic curves
B) It is based on factorization
C) Its key space (2^256) is too large for quantum computers to brute-force ✅
D) It cannot be decrypted
Explanation: Even quantum computers would take an infeasible amount of time to brute-force AES-256 due to its massive key space.
193. What is the role of digital certificates in asymmetric encryption?
A) They store symmetric keys
B) They verify the authenticity of public keys ✅
C) They replace encryption keys
D) They provide encryption
Explanation: Digital certificates, issued by Certificate Authorities (CAs), verify the authenticity of public keys, ensuring secure communication.
194. What is a critical limitation of using symmetric encryption for secure communication over the internet?
A) It does not support encryption
B) It requires a pre-shared secret key ✅
C) It does not encrypt data efficiently
D) It cannot be used for large files
Explanation: Symmetric encryption requires both parties to share the same secret key beforehand, which can be difficult over an insecure network.
195. Which hashing algorithm is commonly used alongside encryption for data integrity verification?
A) AES
B) SHA-256 ✅
C) RSA
D) ChaCha20
Explanation: SHA-256 is commonly used with encryption to verify the integrity of encrypted data by generating a secure hash.
196. What is a potential risk of using weak RSA keys for encryption?
A) The key exchange process is faster
B) The key can be factorized and cracked ✅
C) It speeds up encryption
D) It does not require private keys
Explanation: Weak RSA keys (e.g., RSA-1024) can be factorized using advanced computing power, making encryption vulnerable to attacks.
197. Why is the use of AES-256 recommended for encrypting sensitive financial data?
A) It has strong resistance to brute-force attacks ✅
B) It is based on factorization
C) It uses public keys
D) It requires a Certificate Authority
Explanation: AES-256 is resistant to brute-force attacks, making it ideal for encrypting financial transactions and sensitive data.
198. What makes hybrid encryption more efficient than using pure asymmetric encryption?
A) It uses only hashing
B) It reduces the computational overhead of asymmetric encryption ✅
C) It eliminates the need for encryption
D) It does not require key exchange
Explanation: Hybrid encryption uses asymmetric encryption for secure key exchange and then switches to symmetric encryption for faster data encryption.
199. Why is SHA-3 considered an improvement over SHA-2?
A) It is faster in software implementations
B) It is resistant to length-extension attacks ✅
C) It replaces asymmetric encryption
D) It uses a smaller key size
Explanation: SHA-3 introduces a sponge construction that makes it resistant to length-extension attacks, improving security over SHA-2.
200. What is the main security advantage of using ephemeral Diffie-Hellman (DHE) over static Diffie-Hellman (DH)?
A) DHE provides Perfect Forward Secrecy (PFS) ✅
B) DHE is faster
C) DHE uses symmetric encryption
D) DHE eliminates the need for authentication
Explanation: Ephemeral Diffie-Hellman (DHE) generates new keys for each session, ensuring Perfect Forward Secrecy (PFS) and protecting past communications from future key compromises.