AP Cybersecurity · Unit 5 · Topic 5.3 · Exercise 1
Hash Selection Triage
Eight scenarios. For each one, pick the right hash algorithm or diagnose the failure. The exam rewards knowing which hash belongs where: SHA-256 for files, bcrypt/Argon2 for passwords, HMAC for API auth, digital signatures for non-repudiation.
8 Questions~15 minScored
How This Exercise Works
Predict first: For each scenario, identify the use case (file integrity / password storage / API auth / signature) before reading options.
Then classify: Is the algorithm modern (SHA-256/Argon2/bcrypt) or deprecated (MD5/SHA-1)? Is it right for the use case (password hashes must be SLOW)?
Score0 / 8
Question 1
A team is designing a new user authentication system. They need to pick an algorithm for storing passwords in the database. Which is the correct choice for a 2026 deployment?
✎ Predict before reading options. Commit to your answer first.
Exam TipPasswords in 2026 = Argon2id or bcrypt. Not SHA-family. Not encryption. Not MD5.
Question 2
A software distribution site publishes SHA-256 checksums for each downloadable ISO. A user downloads a Linux ISO and wants to verify its integrity. What does this use of SHA-256 actually protect against?
✎ Predict before reading options. Commit to your answer first.
Exam TipFile hash + trusted channel for the hash = integrity verification. Without trusted channel, integrity check is worthless.
Question 3
Consider the following statements about MD5. Which is TRUE?
I. MD5 is acceptable for file deduplication in a trusted environment where no one has incentive to craft collisions. II. MD5 is acceptable for password hashing if combined with a strong salt. III. MD5 is acceptable for digital signatures on short documents.
✎ Predict before reading options. Commit to your answer first.
Exam TipMD5 in non-security contexts = OK. MD5 anywhere security matters = broken.
Question 4
An API uses HMAC-SHA-256 to sign incoming requests. The API key is a shared secret between the client and the server. What security property does HMAC provide that plain SHA-256 does not?
✎ Predict before reading options. Commit to your answer first.
A team needs to implement a download verification system. The downloads themselves are large (several GB each) and the verification step must be fast. Which architecture is best?
✎ Predict before reading options. Commit to your answer first.
Exam TipPublic download integrity = SHA-256 + trusted channel. Not password hash, not HMAC, not encryption.
Question 6
A team discovers their legacy JWT implementation uses HS256 (HMAC-SHA-256) with a 6-character ASCII shared secret. Which of the following represents the actual risk, and what is the correct fix?
✎ Predict before reading options. Commit to your answer first.
Exam TipHMAC secret must have ≥ 256 bits of entropy. Short ASCII secrets are brute-forceable.
Question 7
A 2017 Google attack (dubbed 'SHAttered') produced two different PDF files with the same SHA-1 hash. Which property of SHA-1 was definitively broken, and what is the practical consequence?
✎ Predict before reading options. Commit to your answer first.
Exam TipSHAttered (2017) = SHA-1 collision. Broke collision resistance, not pre-image. Migration to SHA-256 everywhere.
Question 8
Which statement most accurately characterizes the difference between integrity and authenticity?
✎ Predict before reading options. Commit to your answer first.
Exam TipIntegrity = not modified. Authenticity = came from expected sender. HMAC/AEAD/signatures provide both. Plain hash = integrity only.
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed.
Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Typically responds within 24 hours
✓
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.