
Chapter 2 Checkpoint

The cryptographic toolkit, all together. This mixed quiz pulls from every lesson in the chapter. Passing means you can pick the right primitive for a job, explain what each guarantees, and avoid the usage traps that cause almost all real-world crypto failures.

How this works

The quiz draws a random selection from a larger bank each attempt, so retaking gives fresh questions. The recurring theme across every lesson: the algorithms are rarely the weak point — the usage is. ECB mode, nonce reuse, fast password hashes, ignored cert errors, and hardcoded keys are where systems actually break. If a question stings, follow its revisit link.

What you should be able to do now

  • Pick symmetric vs asymmetric for a task — and explain the hybrid model (asymmetric to set up, symmetric to do the work).
  • Default to AEAD and state why authenticated encryption beats plain encryption, plus the absolute nonce rule.
  • Choose the right one-way function: a fast hash (SHA-2/3, BLAKE) for integrity, a slow salted KDF (Argon2/bcrypt) for passwords — and never encryption for passwords.
  • Explain what a signature, a MAC, and a certificate each prove, and which key is used for which.
  • Trace a TLS 1.3 handshake and say exactly what the certificate, the key exchange, and the symmetric phase each contribute.
  • Manage keys: CSPRNG generation, KMS/HSM storage over hardcoding, rotation, and least-privilege scoping to contain a leak.

If any feels shaky, revisit that lesson — Chapter 3 assumes this footing.
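The split between a fast hash, a MAC, and a slow salted password KDF from the list above, as an added example using only the Python standard library (not code from the guide). scrypt stands in here for Argon2/bcrypt because it ships with `hashlib`; the function names and cost parameters are assumptions chosen for the demo.

```python
import hashlib
import hmac
import secrets

# scrypt cost parameters: assumed demo values, tune them for your hardware.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def file_digest(data: bytes) -> str:
    """Fast hash: integrity only. Anyone can recompute it, so it proves no origin."""
    return hashlib.sha256(data).hexdigest()


def make_tag(key: bytes, message: bytes) -> bytes:
    """MAC: only a holder of the shared secret key can produce a valid tag."""
    return hmac.new(key, message, hashlib.sha256).digest()


def check_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest is constant-time, so the comparison leaks no timing signal.
    return hmac.compare_digest(make_tag(key, message), tag)


def hash_password(password: str) -> tuple[bytes, bytes]:
    """Slow salted KDF: fresh CSPRNG salt per password, then a costly derivation."""
    salt = secrets.token_bytes(16)
    derived = hashlib.scrypt(password.encode(), salt=salt,
                             n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return salt, derived  # store both; the salt is not secret


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    candidate = hashlib.scrypt(password.encode(), salt=salt,
                               n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    key = secrets.token_bytes(32)            # CSPRNG key, never hardcoded
    msg = b"transfer 10 to alice"            # constructed sample message
    tag = make_tag(key, msg)
    print("tag valid:", check_tag(key, msg, tag))
    print("tampered :", check_tag(key, b"transfer 99 to alice", tag))

    salt_a, hash_a = hash_password("correct horse")   # constructed sample password
    salt_b, hash_b = hash_password("correct horse")
    print("same password, different records:", hash_a != hash_b)
    print("verify ok:", verify_password("correct horse", salt_a, hash_a))
```

Because each record gets its own salt, two users with the same password store different values, and the per-guess cost of scrypt is what slows an offline attack on a leaked table.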

The checkpoint

Required checkpoint

Chapter 2: Cryptography


Chapter 2 complete

You now hold the cryptographic toolkit the rest of the guide leans on: confidentiality from symmetric AEAD, trust and setup from asymmetric keys, signatures and PKI, integrity from hashing and MACs, the TLS protocol that fuses them, and the key management that keeps it all standing. Above all: use vetted libraries, default to AEAD, hash passwords slowly, and never roll your own.

→ On to Chapter 3: Web & Application Security — where this crypto meets the most-attacked surface on the internet, and where the trust boundaries from Chapter 1 become concrete bug classes.