Q1. Which of the following is a symmetric encryption algorithm? (Q-924456)
- A.RSA
- B.AES✓ Correct
- C.ECC
- D.Diffie-Hellman
Explanation: AES (Advanced Encryption Standard) is a symmetric algorithm using the same key for encryption/decryption. Learn more.
CompTIA CySA+ Practice Questions: Cryptography
10 free, exam-style CompTIA CySA+ (CS0-003) practice questions covering Cryptography. Each question shows the correct answer and a clear explanation. Ready for the real thing? Take the full timed quiz below.
Q2. What is the PRIMARY purpose of a digital certificate? (Q-628004)
- A.To store passwords
- B.To verify identity✓ Correct
- C.To compress data
- D.To block malware
Explanation: Digital certificates bind public keys to identities (e.g., websites). Learn more.
Q3. What is the MAIN purpose of a certificate authority (CA)? (Q-628011)
- A.To host websites
- B.To issue and validate digital certificates✓ Correct
- C.To block malware
- D.To encrypt hard drives
Explanation: CAs verify identities and issue trusted digital certificates. Learn more.
Q4. What is the PRIMARY benefit of using SHA-256 over MD5? (Q-628012)
- A.Faster hashing
- B.Stronger collision resistance✓ Correct
- C.Smaller hash size
- D.Better compression
Explanation: SHA-256 is cryptographically stronger and less prone to collisions than MD5. Learn more.
Q5. What is the MAIN risk of using deprecated cryptographic algorithms? (Q-628014)
- A.Slower performance
- B.Known vulnerabilities✓ Correct
- C.Complex configuration
- D.Higher costs
Explanation: Deprecated algorithms (e.g., SHA-1, DES) have known security flaws. Learn more.
Q6. What does the 'I' in 'PKI' stand for? (Q-628015)
- A.Internet
- B.Infrastructure✓ Correct
- C.Identity
- D.Integrity
Explanation: PKI = Public Key Infrastructure. Learn more.
Q7. Which of the following is a hardware security module (HSM) used for? (Q-924480)
- A.Blocking DDoS attacks
- B.Securely managing cryptographic keys✓ Correct
- C.Filtering spam
- D.Monitoring network traffic
Explanation: HSMs provide secure key generation, storage, and management. Learn more.
Q8. What is the PRIMARY security benefit of using TPM 2.0? (Q-628051)
- A.Faster network speeds
- B.Hardware-based key storage✓ Correct
- C.Automatic software patching
- D.Cloud workload encryption
Explanation: Trusted Platform Modules securely store cryptographic keys in hardware. Learn more.
Q9. What is the PRIMARY purpose of a non-repudiation control? (Q-628053)
- A.To encrypt all network traffic
- B.To prevent users from denying actions✓ Correct
- C.To block malware execution
- D.To compress log files
Explanation: Non-repudiation (via digital signatures/logs) provides proof of actions. Learn more.
Q10. What is the PRIMARY purpose of a hardware security module (HSM)? (Q-628056)
- A.To block DDoS attacks
- B.To securely manage cryptographic keys✓ Correct
- C.To filter spam emails
- D.To compress network traffic
Explanation: HSMs provide tamper-resistant key storage and operations. Learn more.
More CompTIA CySA+ practice topics
- Security Operations (64)
- Threat Management (53)
- Cloud Security (45)
- Incident Response (44)
- Security Operations and Monitoring (32)
- Access Control (21)
- Network Security (18)
- Risk Management (17)
- Software Security (16)
- Data Security (14)
- Vulnerability Management (11)
- Compliance (9)
- Threat Intelligence (9)
- Threat Detection (7)
- Threat and Vulnerability Management (5)
- More Practice Questions (15)
- All CompTIA CySA+ topics →