Chapter 12 Β· Quiz

Encrypting Data Quiz

8 questions: multiple choice, matching, analysis, evaluation.

1. An employee's laptop is stolen. Which technology BEST protects the data on the hard drive from being accessed by the thief?
Correct: C β€” BitLocker. Full-disk encryption makes the entire drive unreadable without the decryption key. D (EFS) only protects specific folders, not the entire drive.
2. A database contains both public product descriptions and sensitive customer SSNs. Which approach provides the BEST balance of protection and performance?
Correct: B β€” Column-level encryption. Encrypting only the SSN column protects the sensitive data without adding decryption overhead to every query on the product descriptions.
3. Two branch offices need a permanent encrypted network connection. Which technology BEST suits this requirement?
Correct: B β€” Site-to-site IPsec VPN. IPsec VPNs create persistent encrypted tunnels between two network locations. Client VPNs are for individual remote users, not office-to-office.
4. An algorithm (like AES) is publicly documented. Why doesn't this make encryption insecure?
Correct: B. The algorithm is the mechanism β€” knowing how a lock works doesn't open the door. Security comes entirely from keeping the key secret. Published algorithms can be publicly vetted by experts, which actually increases trust.
5. A system applies a hash function to a password, then hashes the result again, repeating 10,000 times before storing it. What technique does this represent?
Correct: C β€” Key stretching. Applying hashing multiple times forces brute-force attackers to perform the same computation chain for every attempt, multiplying their time cost.
6. Matching β€” Match each term to its correct description.

TECHNOLOGY

BitLocker
EFS
IPsec
Column-level encryption

DESCRIPTION

Encrypts only specific sensitive database columns
Windows full-volume encryption protecting entire drives
Protocol for site-to-site VPN encrypted tunnels
Windows file-level encryption built into NTFS
7. Analysis: A company's security team recommends encrypting all data in the customer database transparently. The database team objects that performance will suffer significantly. How should this conflict be resolved?
Model Answer:
Both concerns are valid. The resolution is a risk-based approach:

1. Classify the data. Identify which columns contain genuinely sensitive data requiring encryption (SSN, financial, health information) vs. which are non-sensitive (product IDs, timestamps, public descriptions).

2. Apply column-level encryption to sensitive columns only. This satisfies the compliance requirement while minimizing performance impact.

3. Benchmark the performance impact. Modern encryption hardware (AES-NI CPU instructions) often makes the overhead negligible. Measure before assuming it's a problem.

4. If transparent encryption is required (e.g., by regulation), consider caching strategies, read replicas for analytics, or hardware acceleration.

The security team gets protection where it matters. The database team gets acceptable performance. A targeted approach serves both.
8. Evaluation: "Since encryption algorithms are public knowledge and attackers can read them, encryption provides no real security." Evaluate this statement.
Model Answer β€” This statement is FALSE.

The security of modern encryption does NOT depend on algorithm secrecy. This is known as Kerckhoffs's principle: a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.

Publishing algorithms has significant benefits: cryptographers worldwide can analyze them for weaknesses. Algorithms that withstand expert scrutiny for decades (like AES, published in 2001) are far more trustworthy than secret algorithms that might have hidden flaws.

Security comes entirely from key secrecy. An attacker who knows AES perfectly β€” every step, all the math β€” still cannot decrypt a message without the key. With AES-256, brute-forcing the key would require 2^256 attempts β€” computationally impossible with any technology today or in the foreseeable future.

Verdict: Published algorithms + secret keys = strong security. Secret algorithms = "security through obscurity," which is not real security.