CISSP – Information Systems Security Architecture Professional (ISSAP) — Question 78

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are- secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not thenticate participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?

Answer options

• A. Blowfish
• B. Twofish
• C. RSA
• D. Diffie-Hellman

Correct answer: D

Explanation

The correct answer is D, Diffie-Hellman, because it is primarily used for key exchange but does not inherently authenticate the participants, making it vulnerable to man-in-the-middle attacks. Blowfish and Twofish are symmetric encryption algorithms and do not handle key exchanges in this manner. RSA is an asymmetric encryption algorithm used for secure data transmission but is not the key exchange method indicated in the scenario.