5.2 Lab: CryptoOps Triage Desk

AP Cybersecurity · Unit 5 · Topic 5.2 · Lab

CryptoOps Triage Desk

Six tickets. You are the on-call crypto engineer. Deprecated algorithms, code review catches, incident response, and architecture reviews — diagnose each correctly and prescribe the right fix.

6 Tickets~20 minApplied · Scored

Triage Rules

For each ticket: identify the failure (algorithm / mode / IV / key management), then pick the action that fixes the root cause.

Trap answers: "rotate the key more often" (doesn't fix architecture), "longer key" (rarely the answer), "switch cipher" (usually distractor), "compensating control" (avoid when the real fix is removing the bad option).

Score0 / 6
Question 1
Ticket #C-2001 — Priority: Urgent

Security scanner flagged your team's legacy inventory service: it's still negotiating SSL/TLS with 3DES-CBC and MD5. Your company's compliance framework requires modern ciphers. What's the correct remediation?
✎ Predict before reading options. Commit to your answer first.
Exam TipDeprecated algorithm in config = remove the option, not work around it.
Question 2
Ticket #C-2002 — Priority: High

Developer pushes new code: cipher = AES.new(key, AES.MODE_ECB); ct = cipher.encrypt(pad(data)). Code review comments — what's the issue, and how do you fix it?
✎ Predict before reading options. Commit to your answer first.
Exam TipECB in code review = block the merge. Require GCM (or XTS for disk, CBC+HMAC at minimum for legacy).
Question 3
Ticket #C-2003 — Priority: Medium

Penetration test finding: the company's encryption keys are stored as plaintext values in Terraform state files committed to a private Git repo. What's the triage?
✎ Predict before reading options. Commit to your answer first.
Exam TipSecrets in source control = treat as compromised. Rotate, move to KMS, scrub history, add scanning.
Question 4
Ticket #C-2004 — Priority: High

Incident response: an engineer's laptop was stolen from a conference. It contained a clone of the production database. The laptop has full-disk encryption (AES-256-XTS, BitLocker, TPM-backed key with user PIN). The laptop was powered off when stolen. Leadership asks: is this a disclosable breach?
✎ Predict before reading options. Commit to your answer first.
Exam TipEncrypted + keys separate + powered off = safe harbor. One of the AP exam's favorite scenarios.
Question 5
Ticket #C-2005 — Priority: Critical

Active incident: attacker captured HTTPS traffic between a customer and your payment app. Traffic was TLS 1.2 with AES-128-CBC-SHA1. Attacker claims to have decrypted it. Is this possible?
✎ Predict before reading options. Commit to your answer first.
Exam TipOld TLS + non-forward-secrecy = captured traffic can be decrypted if server key leaks. Always enable PFS (ECDHE).
Question 6
Ticket #C-2006 — Priority: Urgent

Database encryption review: a team lead proposes using 'the same AES-256 key for all customers, encrypted into the application JAR at build time.' What's wrong with this proposal, and what's the correct approach?
✎ Predict before reading options. Commit to your answer first.
Exam TipEnvelope encryption: per-record DEK, wrapped by master KEK in KMS, with separate KMS access audit trail.

Lab Complete

— / 6

AP Cybersecurity · Unit 5 · Lesson 5.2 · Lab

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]