Which of the following would meet these objectives?

A company hosts a web server that requires entropy in encryption initialization and authentication.
To meet this goal, the company would like to select a block cipher mode of operation that allows
an arbitrary length IV and supports authenticated encryption. Which of the following would meet
these objectives?

A company hosts a web server that requires entropy in encryption initialization and authentication.
To meet this goal, the company would like to select a block cipher mode of operation that allows
an arbitrary length IV and supports authenticated encryption. Which of the following would meet
these objectives?

A.
CFB

B.
GCM

C.
ECB

D.
CBC

← Previous question

Next question →

Leave a Reply to Paul S Cancel reply5

Lake

I have no trust on the person who provides the answer because I saw a lot of questions with the wrong answer. I spent a lot of time searching the CORRECT solution on this question.

https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC

https://www.revolvy.com/main/index.php?s=Block%20cipher%20mode%20of%20operation&item_type=topic

According to the 4 options provided, only choice B, GCM supports authenticated encryption.

Reply

Lake

In fact, ECB is not recommended for use in cryptographic protocols at all.

Reply

Lake

This question is way beyond the level of Security +. It is NOT fair putting this high level question on the real exam.

Reply

Paul S

Nice catch Lake. Only GCM is tied to authenticated encryption. I also agree that this is out of scope.

Reply

Sebastian

This is a CISSP question.

Reply