COMPTIA Security+ practice exam (30ques) question

Hello all,
Can anyone tell me why my answer is incorrect for this sample question? The AIO guide I'm using states that SHA-256 is more secure than SHA-1, and since the option for SHA-256 is listed, it shouldn't be a case of "this question was written prior to the technology being available".

"Studying for SYO-201"

31. IPSec offers a variety of authentication and data encryption algorithms depending on network needs. Of the available integrity and authentication encryption choices, which is the strongest and what is its key length?

[SIZE=-1]a. Mesasage Digest 5 (MD5) is a high security 128-bit key[/SIZE]
[SIZE=-1]b. Mesasage Digest 5+ (MD5+) is a high security 256-bit key[/SIZE]
[SIZE=-1]c. Mesasage Digest 6 (MD6) is a high security 256-bit key[/SIZE]
[SIZE=-1]d. Secure hash Algorithm (SHA) is a high-security 128-bit key[/SIZE]
[SIZE=-1]e. Secure hash Algorithm (SHA) is a high-security 160-bit key[/SIZE]
[SIZE=-1]f. Secure hash Algorithm (SHA) is a high-security 256-bit key[/SIZE]
[SIZE=-1]Answer(s):[/SIZE][SIZE=-1]e. Secure hash Algorithm (SHA) is a high-security 160-bit key
[/SIZE][SIZE=-1]Your Answer(s):[/SIZE] [SIZE=-1]f. Secure hash Algorithm (SHA) is a high-security 256-bit key
[/SIZE]

Find more posts tagged with

Comments

9MMMAC

Could it just be a typo? I've seen a lot of cheesy "practice exams" that have horribly written grammar, outdated or tons of left field quetions. I'm finding that each test has a certain "flavor" and I don't put too much stock in missing an answer.

dynamik

Have you looked at what IPSec supports?

dorawe

Sure, it could be a typo, and I expect that it was. Studying for this tends to include alot of different sources, and I do find contradictory information sometimes. Since this question was offered on this site, I expected that it would have been noticed before........

Darril

That is a funky question. The question starts by implying the choices are integrity and authentication encryption choices, but they are all hashing algorithms used for integrity.

So, assuming they're asking which one is the strongest hashing algorithm, you're right to jump on SHA, since SHA is stronger than MD (though they are both technically message digest hashing algorithms).

Now, which SHA is the strongest? SHA-0 and SHA-1 both result in 160 bit hashes, so in their time, they were the strongest. However, SHA-2 includes SHA-224, SHA-256, SHA-384, and SHA-512 (the numbers indicate how many bits are being used in the hash). SHA-2 is stronger than SHA-0 or 1.

But wait, the question mentioned IPSec. Dyanamik suggests looking at what SHA is supported in IPSec and this is relevant. Current implementations of IPSec support the use of SHA-1, but not SHA-2.

So, even though the question is a little difficult to intrepret, the answer is valid. I'm wondering if the question had an explanation. It'd be tough if you just had to figure all that out on your own.

HTH,

Darril Gibson
www.sy0-201.com
Author: CompTIA Security+: Get Certified Get Ahead

Security+ Blog
Security Plus: Get Certified Get Ahead

Security+ Tip of the Day
twitter.com/DarrilGibson

dorawe wrote: »

31. IPSec offers a variety of authentication and data encryption algorithms depending on network needs. Of the available integrity and authentication encryption choices, which is the strongest and what is its key length?

[SIZE=-1]a. Mesasage Digest 5 (MD5) is a high security 128-bit key[/SIZE]
[SIZE=-1]b. Mesasage Digest 5+ (MD5+) is a high security 256-bit key[/SIZE]
[SIZE=-1]c. Mesasage Digest 6 (MD6) is a high security 256-bit key[/SIZE]
[SIZE=-1]d. Secure hash Algorithm (SHA) is a high-security 128-bit key[/SIZE]
[SIZE=-1]e. Secure hash Algorithm (SHA) is a high-security 160-bit key[/SIZE]
[SIZE=-1]f. Secure hash Algorithm (SHA) is a high-security 256-bit key[/SIZE]
[SIZE=-1]Answer(s):[/SIZE][SIZE=-1]e. Secure hash Algorithm (SHA) is a high-security 160-bit key[/SIZE]
[SIZE=-1]Your Answer(s):[/SIZE] [SIZE=-1]f. Secure hash Algorithm (SHA) is a high-security 256-bit key[/SIZE]

dorawe

No, there wasn't an explanation. Thanks for the in-depth, Darril!