$16.$ Why does cryptographic security tend to increase as the key size gets larger?

A$.$ No matter what kind of cryptanalytic attack, the larger the key, the larger the possible space of key values that an attacker must test; each additional binary bit doubles this search or testing time. Ultimately, this requires more computing power and storage than even the most well$-$funded governments can afford.

B$.$ This is a commonly held belief, but it's not actually true in most cases. Properly chosen algorithms and properly managed cryptosystems are proven to be unbreakable at current key sizes, and making the keys larger will only cause additional throughput delays.

C$.$ This is only a concern for block ciphers, since if the key size is too small, these ciphers are easily broken with rainbow table or dictionary attacks.

D$.$ Larger keys require more complex algorithms to execute without unacceptable runtime impacts, and this combines to provide even greater security.

$17.$ What are the most common attacks that business or commercial use of cryptography might be exposed to$?$

A$.$ Invalid, expired, or fraudulent certificates accepted for use

B$.$ Optical, acoustic, or power line technical monitoring and analysis

C$.$ Social engineering

D$.$ Operational errors in use, such as incorrectly choosing control parameters or mismanaging keys or certificates

$18.$ What is the most common source of exploitable vulnerabilities that business or commercial use of cryptography might present to attackers?

A$.$ Invalid, expired, or fraudulent certificates accepted for use

B$.$ Optical, acoustic, or power line technical monitoring and analysis

C$.$ IT supply chain compromises that allow corrupted cryptographic modules to be inserted into systems

D$.$ Operational errors in use, such as incorrectly choosing control parameters or mismanaging keys or certificates

$19.$ Should a hash function be reversible?

A$.$ No$,$ because this would allow the plaintext to be decrypted from the hash, rendering message digests and digital signatures unworkable.

B$.$ Yes, because this would allow the hash to contribute to error detection and correction operations.

C$.$ In a limited way, they are reversible, because the hash acts as a pointer or key into database and file management systems where the plaintext comes from.

D$.$ No$,$ because a hash is a many$-$to$-$one function and thus must have a collision detection and avoidance mechanism as part of its implementation; being reversible would negate this.

$20.$ What conditions might cause you to stop using a key? $($Choose all that apply.$)$

A$.$ Notification that a key has been lost or compromised

B$.$ Suspicion that a user of that key is not who or what they claim to be

C$.$ Indications that your public key has been hijacked by someone masquerading as you

D$.$ You've used it more than $2048$ times.