CISSP - Security Engineering Mock Questions

We are using cloud computing, and we are responsible for the operating system and up. Which type of cloud computing are we using?

Options are :

  • IaaS. (Correct)
  • SaaS
  • PaaS
  • IDaaS

Answer : IaaS.

Explanation In public cloud computing IaaS - (Infrastructure as a Service) The vendor provides infrastructure up to the OS, the customer adds the OS and up.

We are looking at adding type 1 VM Hypervisors to our environments. What do they run on top of?

Options are :

  • The OS.
  • The hardware. (Correct)
  • The virtual machine.
  • The hypervisor.

Answer : The hardware.

Explanation Hypervisor - Controls the access between the virtual guest/clients and the host hardware. Type 1 hypervisor (Bare Metal) is a part of a Virtualization OS that runs on top of the host hardware (Think Data Center).

Where would you suggest we place a guard at our perimeter to ensure only authorized employees can get onto our grounds?


Options are :

  • At the turnstiles.
  • At the building with the open door.
  • At the gate. (Correct)

Answer : At the gate.

Explanation We only have 2 entry points in the fence. The turnstiles already have fingerprint readers, we would want the guard at the gate for cars.

Which type of malware is embedded in another normal program?

Options are :

  • Worms.
  • Trojans. (Correct)
  • Rootkits.
  • Logic bombs.

Answer : Trojans.

Explanation Trojans - malicious code embedded in a program that is normal. This can be games, attachments, website clicks, etc. …

We are using different types of anti-virus in our organization. Which type MUST be constantly updated?

Options are :

  • Heuristic.
  • Signature. (Correct)
  • Formal.
  • Embedded.

Answer : Signature.

Explanation Antivirus Software - tries to protect us against malware. Signature based - looks for known malware signatures - MUST be updated constantly.

What would we use Distributed Control Systems (DCSs) for?

Options are :

  • Computerized control system for a process or plant. (Correct)
  • Controlling manufacturing processes.
  • Monitor our servers, workstations and network devices.
  • High level control supervisory management.

Answer : Computerized control system for a process or plant.

Explanation DCS (Distributed Control Systems) is a computerized control system for a process or plant in which autonomous controllers are distributed throughout the system, but there is central operator supervisory control.

When we are using frequency analysis, what are we looking at?

Options are :

  • How often certain letters are used. (Correct)
  • How often pairs of letters are used.
  • How many messages are sent.
  • How often messages are sent.

Answer : How often certain letters are used.

Explanation Frequency Analysis (analyzing the frequency of a certain character) – In English “E” is used 12.7% of the time. Given enough encrypted substitution text, you can break it just with that.

The order of the plaintext should be dispersed in the ciphertext. What is this called?

Options are :

  • Confusion.
  • Diffusion. (Correct)
  • Substitution.
  • Permutation.

Answer : Diffusion.

Explanation Diffusion is how the order of the plaintext should be “diffused” (dispersed) in the ciphertext.

If we are using Mandatory Access Control (MAC) and we are looking at the BIBA's * integrity axiom, what can't we do?

Options are :

  • Read down.
  • Read up.
  • Write down.
  • Write up. (Correct)

Answer : Write up.

Explanation BIBA: Integrity (Mandatory Access Control): * Integrity Axiom: “No Write UP”. Subjects with Secret clearance can’t write Secret information to Top Secret folders. We don't want wrong or lacking lower level information to propagate to a higher level.

Looking at the logical ring model, where would we find a VM hypervisor?

Options are :

  • -1 (Correct)
  • 0
  • 2
  • 3

Answer : -1

Explanation The Ring Model: 4 ring model that separates Users (Untrusted) from the Kernel (Trusted). The full model is slow and rarely used; most OS’ only use rings 0 and 3. The applications are at layer 3. There is a new addition to the Ring Model: Hypervisor mode is called Ring -1 and is for VM Hosts. Ring -1 sits below the Client kernel in Ring 0.

On our systems, what is the South bridge connected to?

Options are :

  • CPU.
  • Wireless.
  • Mouse/Keyboard. (Correct)
  • All of these.

Answer : Mouse/Keyboard.

Explanation The south bridge is connected to the hard disks and other drives, USB ports and other peripherals (and the north bridge).

In which part of the computer are all the calculations done?

Options are :

  • CPU.
  • ALU. (Correct)
  • CU.
  • ROM.

Answer : ALU.

Explanation Arithmetic logic unit (ALU) performs arithmetic and logic operations. Processor registers supply operands (objects of a mathematical operation) to the ALU and store the results of ALU operations. It does all the math.

In which order does the CPU process work?

Options are :

  • Fetch, execute, decode, store.
  • Execute, fetch, decode, store.
  • Fetch, decode, execute, store. (Correct)
  • Fetch, decode, store, execute.

Answer : Fetch, decode, execute, store.

Explanation CPU (Central Processing Unit): Fetch, Decode, Execute, Store. Fetch - Gets the instructions from memory into the processor. Decode - Internally decodes what it is instructed to do. Execute - Takes the add or subtract values from the registers. Store - Stores the result back into another register (retiring the instruction).

Jane and Bob are talking about hashing and they use the abbreviation MAC. What are they talking about?

Options are :

  • Mandatory Access Control.
  • Media Access Control.
  • Message Authentication Code. (Correct)
  • Message Access Code.

Answer : Message Authentication Code.

Explanation MAC (Message Authentication Code) – The exam uses MAC for several concepts; it will be spelled out which one it is. Hash function using a key. CBC-MAC, for instance, uses Cipher Block Chaining from a symmetric encryption (like DES). Provides integrity and authenticity.

Which security principle is Bell-LaPadula based on?

Options are :

  • Integrity.
  • Confidentiality. (Correct)
  • Availability.
  • Authentication.

Answer : Confidentiality.

Explanation Bell-LaPadula: (Confidentiality) (Mandatory Access Control): Simple Security Property: “No Read UP”. Subjects with Secret clearance can’t read Top Secret data. * Security Property: “No Write DOWN”. Subjects with Top Secret clearance can’t write Top Secret information to Secret folders. Strong * Property: “No Read or Write UP and DOWN”. Subjects can ONLY access data on their own level.

How many keys would we have if we had 100 users using symmetric encryption?

Options are :

  • 200
  • 100
  • 4950 (Correct)
  • 2000

Answer : 4950

Explanation Symmetric: n(n-1)/2 keys for n users; with 100 users we would need 100(100-1)/2 or (100x99)/2 = 4950 keys.

Which of these is NOT part of our server hardening?

Options are :

  • Blocking ports not required by the server.
  • Applying all patches.
  • Disabling default user accounts.
  • Enable the USB drives on the servers. (Correct)

Answer : Enable the USB drives on the servers.

Explanation Hardware Hardening: On our servers - we harden the server. Apply all patches, block ports not needed, delete default users, … most places are good about this.

We are designing a new data center. Which of these if installed should ALWAYS prevent power fluctuations?

Options are :

  • PDU.
  • UPS. (Correct)
  • CPU.
  • Batteries.

Answer : UPS.

Explanation UPSs (Uninterruptible Power Supplies): Ensure constant clean power to the systems. Have large battery banks that take over in the event of a power outage; they also act as surge protectors.

We are designing a new data center. At a presentation to senior management and the board of directors, you are asked: "Why do we need to keep the humidity controlled in the data center?" What should your reply be?

Options are :

  • To keep it nice in there for employees.
  • To prevent corrosion on our equipment.
  • To ensure the data is safe. (Correct)
  • To prevent EMI.

Answer : To ensure the data is safe.

Explanation To ensure the data is safe: We want to keep the humidity between 40 and 60% rH (Relative Humidity). Too low humidity will cause static electricity and high humidity will corrode metals (electronics). While "Prevent corrosion" is correct, "Keep data safe" is more correct.

When we are replacing memory sticks in a server, we should use which of these to prevent damage to hardware when handling it?

Options are :

  • A dark data center.
  • Proper humidity.
  • A sharp screwdriver.
  • Antistatic equipment. (Correct)

Answer : Antistatic equipment.

Explanation Static Electricity: Can be mitigated by proper humidity control, grounding all circuits, using antistatic wrist straps and work surfaces. All personnel working with internal computer equipment (motherboards, insert cards, memory sticks, hard disks) should ground themselves before working with the hardware.

We have smoke photoelectric detectors installed in our data center. What do they detect?

Options are :

  • The infrared light emitted from a fire.
  • A change in the light indicating higher particle density. (Correct)
  • A rise in temperature indicating a fire.
  • If the light is off in the data center.

Answer : A change in the light indicating higher particle density.

Explanation Smoke Detectors: Photoelectric uses LED (Light Emitting Diode) and a photoelectric sensor that produces a small charge while receiving light. Triggers when smoke or any higher particle density interrupts the light.

We have seen an increasing number of viruses on our systems. As part of our defense in depth, we have implemented multiple overlapping countermeasures to mitigate the issues we have been having with viruses. Which of these are types of viruses? (Select all that apply).

Options are :

  • Boot Sector. (Correct)
  • Polymorphic. (Correct)
  • Logic Bombs.
  • Trojans.
  • Packers.
  • Macro. (Correct)

Answer : Boot Sector. Polymorphic. Macro.

Explanation Viruses - require some sort of human interaction and are often transmitted by USB sticks or other portable devices. When the program is executed, they replicate themselves by inserting their own code into other programs. Macro (document) viruses: Written in Macro Languages; embedded in other documents (Word, Outlook). Boot Sector viruses: infects the PC's boot sector or the Master Boot Record, ensuring it runs every time the PC boots. Stealth Viruses: try to hide themselves from the OS and antivirus software. Polymorphic Viruses: change their signature to avoid the antivirus signature definitions. Well-written polymorphic viruses have no parts that remain identical between infections, making it very difficult to detect directly using antivirus signatures. Multipart (Multipartite) Viruses: spread across multiple vectors. They are often hard to get rid of because even if you clean the file infections, the virus may still be in the boot sector and vice-versa.

In newer computer architecture, we have split the bus into a north and a south bridge. The north bridge is much faster than the south bridge. Which of these is the north bridge?


Options are :

  • A
  • B (Correct)
  • C

Answer : B

Explanation The Northbridge (Host bridge) is connected to the CPU, the RAM, GPU and the south bridge. The south bridge is connected to the peripherals and the north bridge. There are no North/Southbridge standards, but they must be able to work with each other.

What is the MOST important thing to secure the safety of FIRST in an emergency?

Options are :

  • Staff. (Correct)
  • Critical servers.
  • The building.
  • Backups.

Answer : Staff.

Explanation Remember people are always more important to protect than stuff.

Halon is by far the best fire suppression. It can keep hardware, employees, and our building safer by putting the fires out more efficiently. Why is it we no longer use Halon in our fire suppression systems?

Options are :

  • It is too expensive.
  • It is not very good at putting fires out.
  • It depletes the ozone layer. (Correct)
  • It damages hardware.

Answer : It depletes the ozone layer.

Explanation Halon 1301 has been the industry standard for protecting high-value assets from fire since the mid-1960s. It has many benefits: it is fast-acting, safe for assets, and requires little storage space. It is no longer used widely because it depletes atmospheric ozone and is potentially harmful to humans. In some countries, legislation requires the systems to be removed; in others, it is OK to use them still (with recycled Halon); however, systems have not been installed since 1994 (The Montreal Accord). The Montreal Accord (197 countries) banned the use and production of new Halon. A few exceptions for "essential uses" include things like inhalers for asthma, and fire suppression systems in submarines and aircraft.

We use different types of fire suppression depending on where it is and what is in that location. Which areas would it be appropriate for us to use CO2 fire suppression?

Options are :

  • In unmanned areas. (Correct)
  • In our data center.
  • In all of our offices.
  • In the bathrooms.

Answer : In unmanned areas.

Explanation CO2: Should only be used in unmanned areas. It is colorless and odorless and causes people in it to pass out and then die. Staff working in an area of their organization where CO2 is used should be properly trained in CO2 safety.

If you are faced with a fire and you need to use a fire extinguisher, which method should you use?

Options are :

  • RACE.
  • PACE.
  • PASS. (Correct)
  • GASS.

Answer : PASS.

Explanation Use the PASS method to extinguish a fire with a portable fire extinguisher: Pull the pin in the handle. Aim at the base of the fire. Squeeze the lever slowly. Sweep from side to side.

Which type of fire extinguisher would you use on a metal fire?

Options are :

  • Wet chemical.
  • Dry powder. (Correct)
  • Soda-Acid.
  • Class A.

Answer : Dry powder.

Explanation Dry Powder Extinguishers (sodium chloride, graphite, ternary eutectic chloride). Lowers the temperature and removes oxygen in the area. Primarily used for metal fires (sodium, magnesium, graphite).

If we are using the Bell-LaPadula "simple security property", what can't we do?

Options are :

  • Read down.
  • Read up. (Correct)
  • Write down.
  • Write up.

Answer : Read up.

Explanation Bell-LaPadula: (Confidentiality) (Mandatory Access Control): Simple Security Property: “No Read UP”. Subjects with Secret clearance can’t read Top Secret data.

What historical encryption was written on a thin piece of parchment that was wrapped around a round stick of a certain diameter?

Options are :

  • Caesar cipher.
  • Spartan Scytale. (Correct)
  • Vigenère cipher.
  • Bazeries.

Answer : Spartan Scytale.

Explanation Spartan Scytale - Message written lengthwise on a long thin piece of parchment wrapped around a certain size round stick. By itself it would make no sense, but if rewrapped around a stick of the same diameter it would be decipherable.

The original version of the Enigma machine's encryption was broken by Polish intelligence in 1939. When it was broken in 1939, how many rotors did it use?

Options are :

  • 3 (Correct)
  • 4
  • 10
  • 5

Answer : 3

Explanation Enigma - Rotary based. Was three rotors early on, which were broken, so the Germans added one rotor, making it much harder. Breaking the Enigma was responsible for ending the war early and saving millions of lives.

Which of these would be a TRUE statement about symmetric encryption?

Options are :

  • It does not use a shared key.
  • It is the strongest per bit. (Correct)
  • It uses private and public keys to share a session key.
  • All of these.

Answer : It is the strongest per bit.

Explanation Asymmetric vs Symmetric Encryption and Hybrid: Asymmetric: Pros: It does not need a pre-shared key, only 2x users = total keys. Cons: It is much slower, it is weaker per bit. Symmetric: Pros: Much faster, stronger per bit. Cons: Needs a pre-shared key, n(n-1)/2 keys for n users, becomes unmanageable with many users.

If we have 5 users and they all need to communicate with each other securely, would we use the MOST encryption keys if we used asymmetric or symmetric encryption?

Options are :

  • Asymmetric.
  • Symmetric.
  • They would use the same number of keys. (Correct)
  • We would need more information to be able to tell.

Answer : They would use the same number of keys.

Explanation Symmetric would use 10 keys (5x(5-1))/2; asymmetric uses 2 keys per person, also 10 keys.

We are talking about implementing new encryption in our organization. Which of these would be TRUE about IDEA?

Options are :

  • It is a 64 bit block cipher, with 56 bit keys.
  • It is a 64 bit block cipher with a 112 bit key.
  • It is a 64 bit block cipher with a 128 bit key. (Correct)
  • It is a 128 bit block cipher with 128, 192 or 256 bit keys.

Answer : It is a 64 bit block cipher with a 128 bit key.

Explanation IDEA (International Data Encryption Algorithm): Designed to replace DES. Symmetric, 128 bit key, 64 bit block size, considered safe. Not widely used now, since it is patented and slower than AES.

Our organization is considering acquiring one of our competitors. Before we agree to the purchase, we have done a security assessment of their facility. None of the findings were too alarming, but we want them fixed as soon as possible. To ensure we only allow authorized employees inside our fence, which of these physical security problems would you want to fix FIRST?


Options are :

  • The broken turnstile.
  • The broken camera.
  • The poor lighting.
  • The opening in the fence. (Correct)

Answer : The opening in the fence.

Explanation We would want to do something about the opening in the fence first. We could either put a guard or a gate with a badge reader.

We are looking at implementing a new type of symmetric encryption. Which of these symmetric encryption types are no longer considered secure, and should be something we should NOT consider?

Options are :

  • RC4 (Correct)
  • 3DES K1.
  • AES.
  • Twofish.

Answer : RC4

Explanation RC4: Used by WEP/WPA/SSL/TLS. Pseudorandom keystream. No longer considered secure. Symmetric, Stream cipher, 40-2048 bit key length.

When a computer uses more than one processor at a time for a task, it is called what?

Options are :

  • Multithreading.
  • Multiprocessing. (Correct)
  • Multitasking.
  • Multiprogramming.

Answer : Multiprocessing.

Explanation Multiprocessing - A computer using more than one CPU at a time for a task.

What handles all access between objects and subjects in the computer kernel?

Options are :

  • User mode.
  • Supervisor mode.
  • Reference monitor. (Correct)
  • Superuser mode.

Answer : Reference monitor.

Explanation The Kernel: At the core of the OS is the Kernel. At ring 0 (or 3), it interfaces between the operating system (and applications) and the hardware. Microkernels are modular kernels. The reference monitor is a core function of the kernel; it handles all access between subjects and objects. It is always on and can't be bypassed.

We have part of our infrastructure migrated to cloud computing. We are responsible for the applications and the data. Which type of cloud computing are we using?

Options are :

  • IaaS.
  • SaaS
  • PaaS (Correct)
  • IDaaS

Answer : PaaS

Explanation In public cloud PaaS - (Platform as a Service) The vendor provides pre-configured OSs, then the customer adds all programs and applications.

One of our engineers has found a virus on one of our systems that keeps changing signature. What type of virus is it?

Options are :

  • Macro virus.
  • Stealth virus.
  • Multipart.
  • Polymorphic. (Correct)

Answer : Polymorphic.

Explanation Polymorphic Viruses: Change their signature to avoid the antivirus signature definitions. Well-written polymorphic viruses have no parts which remain identical between infections, making it very difficult to detect directly using antivirus signatures.

We have moved some of our non-critical functions to cloud hosting. We have chosen to go with an IaaS - (Infrastructure as a Service) implementation. Where would our responsibility start?


Options are :

  • A: After the application.
  • B: Between security and application.
  • C: Between virtualization and OS. (Correct)
  • D: Between storage and servers.

Answer : C: Between virtualization and OS.

Explanation IaaS - (Infrastructure as a Service) The vendor provides infrastructure up to the OS, the customer adds the OS and up.

We have implemented different types of anti-virus throughout our organization. Which type of anti-virus can produce a lot of false positives?

Options are :

  • Heuristic. (Correct)
  • Signature.
  • Formal.
  • Embedded.

Answer : Heuristic.

Explanation Antivirus Software - tries to protect us against malware. Heuristic (Behavioral) based - looks for abnormal behavior - can result in a lot of false positives.

We have started issuing cell phones to our employees and we want a centralized way of managing them. What could be something we should consider implementing?

Options are :

  • MGM.
  • MDM. (Correct)
  • DRM.
  • AMA.

Answer : MDM.

Explanation Using a centralized management system: With MDM (Mobile Device Management) we can control a lot of settings: App Black/White list, Storage Segmentation, Remote Access Revocation, Configuration Pushes, Backups. More controversial: Track the location of employees, monitor their data traffic and calls.

What are Programmable Logic Controllers (PLCs) used for?

Options are :

  • Computerized control system for a process or plant.
  • Controlling manufacturing processes. (Correct)
  • Monitor our servers, workstations and network devices.
  • High level control supervisory management.

Answer : Controlling manufacturing processes.

Explanation PLC (Programmable Logic Controllers) is an industrial digital computer which has been ruggedized and adapted for the control of manufacturing processes such as assembly lines, robotic devices or any activity that requires high reliability control, ease of programming and process fault diagnosis.

If an attacker is using a digraph attack, what is the attacker looking for?

Options are :

  • How often certain letters are used.
  • How often pairs of letters are used. (Correct)
  • How many messages are sent.
  • How often messages are sent.

Answer : How often pairs of letters are used.

Explanation Digraph attack: Similar to frequency analysis/attacks, but looks at common pairs of letters (TH, HE, IN, ER).

What is the relationship between plaintext and ciphertext called?

Options are :

  • Confusion. (Correct)
  • Diffusion.
  • Substitution.
  • Permutation.

Answer : Confusion.

Explanation Confusion is the relationship between the plaintext and ciphertext; it should be as random (confusing) as possible.

Which historical type of encryption involved the sender switching letters a certain number of spots forwards or back in the alphabet, with the receiver doing the same in the opposite direction?

Options are :

  • Caesar cipher. (Correct)
  • Spartan Scytale.
  • Vigenère cipher.
  • Bazeries.

Answer : Caesar cipher.

Explanation Caesar Cipher (Substitution) - Done by switching letters a certain number of spots in the alphabet. “Pass the exam” moved 3 back would be “Mxpp qeb buxj.”

Which of these rotary based encryption machines was NOT known to have been broken while it was in active use?

Options are :

  • Enigma.
  • Purple.
  • SIGABA. (Correct)
  • PRAAS.

Answer : SIGABA.

Explanation SIGABA: A rotor machine used by the United States throughout World War II and into the 1950s, similar to the Enigma. It was more complex, and was built after examining the weaknesses of the Enigma. No successful cryptanalysis of the machine during its service lifetime is publicly known. It used 3x 5 sets of rotors.

The original Enigma machine was broken by the Polish in 1939. How many rotors did the Enigma use at the end of the Second World War?

Options are :

  • 3
  • 4 (Correct)
  • 10
  • 5

Answer : 4

Explanation Enigma - Rotary based. Was 3 rotors early on, which was broken, so the Germans added 1 rotor, making it much harder. Breaking the Enigma was responsible for ending the war early and saving millions of lives.

Which of these is TRUE about hybrid encryption?

Options are :

  • It does not use a shared key.
  • It is the strongest per bit.
  • It uses private and public keys to share a symmetric session key. (Correct)
  • All of these.

Answer : It uses private and public keys to share a symmetric session key.

Explanation Hybrid Encryption: Uses Asymmetric encryption to share a Symmetric Key (session key). We use the security over an unsecure media from Asymmetric for the initial exchange and we use the speed and higher security of the Symmetric for the actual data transfer. The Asymmetric Encryption may send a new session key every so often to ensure security.

If we have 100 users in our organization that are all needing to communicate securely with each other, would symmetric or asymmetric encryption use the highest number of encryption keys?

Options are :

  • Asymmetric.
  • Symmetric. (Correct)
  • They would use the same number of keys.
  • We would need more information to be able to tell.

Answer : Symmetric.

Explanation Symmetric would use 4950 keys (100x(100-1))/2, asymmetric uses 2 keys per person so 200 keys.

DES is very easy to break today. To remedy the problems with DES, 3DES was developed. Which of these is TRUE about 3DES K1?

Options are :

  • It is a 64-bit block cipher, with 56-bit keys.
  • It is a 64-bit block cipher with a 112-bit key strength. (Correct)
  • It is a 64-bit block cipher with a 128-bit key strength.
  • It is a 128-bit block cipher with 128, 192 or 256-bit keys.

Answer : It is a 64-bit block cipher with a 112-bit key strength.

Explanation 3DES (Triple DES): Was developed to extend the life of DES systems while getting ready for AES. Symmetric – 64-bit block cipher – 56-bit key, 16 rounds of encryption, uses Feistel. 3 rounds of DES vs 1. K1 (keymode1) – 3 different keys with a key length of 168 bits (three 56-bit DES keys), but due to the meet-in-the-middle attack, the effective security it provides is only 112 bits.

We have several physical security issues we are wanting to address. Which of these would you want to fix FIRST, if you needed to ensure safe employee evacuation in a disaster event?


Options are :

  • The broken camera.
  • The broken turnstiles. (Correct)
  • The functional gate.
  • The missing fence.

Answer : The broken turnstiles.

Explanation To allow our employees to exit in case of an emergency, we would want to fix the broken turnstiles first. The gate, the broken camera and the broken fence do not hinder employee evacuation.

As technology progresses or flaws are found in the symmetric algorithms, we stop using that encryption. Which of these symmetric encryption types are no longer considered secure?

Options are :

  • 3DES K3. (Correct)
  • 3DES K1.
  • AES.
  • Twofish.

Answer : 3DES K3.

Explanation 3DES (Triple DES) K3 (keymode3) – Same key 3 times, just as insecure as DES (encrypt/decrypt/encrypt).

Prime number factorization is an example of what?

Options are :

  • One way functions. (Correct)
  • Two way functions.
  • Symmetric encryption.
  • Shared key encryption.

Answer : One way functions.

Explanation Prime Number Factorization: Factoring large Prime numbers using a one-way factorization - It is easy to multiply 2 numbers, but hard to discern the 2 numbers multiplied from the result.

Which of these hashing algorithms are still considered secure and collision free?

Options are :

  • MD5
  • MD6.
  • SHA1.
  • RIPEMD160. (Correct)

Answer : RIPEMD160.

Explanation RIPEMD160: Redesigned, fixing flaws of RIPEMD. 160-bit hashes. Not widely used. Considered secure. MD5 (Message Digest 5): 128-bit fixed-length hash, used very widely until a flaw was found making it possible to produce collisions in a reasonable amount of time. While not a chosen-text collision, it is still a collision. MD6 (Message Digest 6): Was not used for very long; was supposed to replace MD5, but SHA2/3 were better. It was in the running for the SHA3 race, but withdrawn due to flaws.