CISSP Question #42: Real Exam Question with Answer & Explanation

The correct answer is C: Cryptographic hash. The birthday attack exploits the mathematical probability that two inputs will produce the same hash output (a collision), making cryptographic hash functions its primary target.

Submitted by salim_om· Mar 5, 2026Security Architecture and Engineering

Question

The birthday attack is MOST effective against which one of the following cipher technologies?

Options

AChaining block encryption
BAsymmetric cryptography
CCryptographic hash
DStreaming cryptography

Explanation

The birthday attack exploits the mathematical probability that two inputs will produce the same hash output (a collision), making cryptographic hash functions its primary target.

Common mistakes.

A. Block cipher chaining modes (like CBC) are vulnerable to padding oracle and IV-reuse attacks, not birthday attacks, because their security depends on key secrecy and proper initialization rather than collision resistance.
B. Asymmetric cryptography is primarily threatened by attacks targeting the mathematical hardness of factoring large primes or discrete logarithm problems, not collision-finding as exploited by birthday attacks.
D. Stream ciphers are vulnerable to key reuse and known-plaintext attacks because they XOR a keystream with plaintext, a fundamentally different structure that is not susceptible to collision-based birthday attack methodology.

Concept tested. Birthday attack vulnerability against cryptographic hash functions

Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/encryption-overview

Topics

#birthday attack#cryptographic hash#collision

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions