Ch 4 - Advanced Cryptography

Descripción

Ch 4 quiz
C Danvers
Test por C Danvers, actualizado hace más de 1 año
C Danvers
Creado por C Danvers hace más de 6 años
736
0

Resumen del Recurso

Pregunta 1

Pregunta
A certificate repository (CR) is a publicly accessible centralized directory of digital certificates
Respuesta
  • True
  • False

Pregunta 2

Pregunta
A digital certificate is a technology used to associate a user's identity to a private key.
Respuesta
  • True
  • False

Pregunta 3

Pregunta
A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?
Respuesta
  • Certificate Practice Statement (CPS)
  • Access Policy (AP)
  • Lifecycle Policy (LP)
  • Certificate Policy (CP)

Pregunta 4

Pregunta
A framework for all of the entities involved in digital certificates for digital certificate management is known as:
Respuesta
  • private key infrastructure
  • network key infrastructure
  • public key infrastructure
  • shared key infrastructure

Pregunta 5

Pregunta
A Subject Alternative Name (SAN) digital certificate, is also known as a Unified Communications Certificate (UCC).
Respuesta
  • True
  • False

Pregunta 6

Pregunta
At what stage can a certificate no longer be used for any type of authentication?
Respuesta
  • expiration
  • creation
  • suspension
  • revocation

Pregunta 7

Pregunta
A user electronically signs a Certificate Signing Request (CSR) by affixing their public key and then sending it to an intermediate certificate authority.
Respuesta
  • True
  • False

Pregunta 8

Pregunta
Digital certificates should last forever.
Respuesta
  • True
  • False

Pregunta 9

Pregunta
Root digital certificates should never be self-signed.
Respuesta
  • True
  • False

Pregunta 10

Pregunta
Select the secure alternative to the telnet protocol:
Respuesta
  • HTTPS
  • IPsec
  • TLS
  • SSH

Pregunta 11

Pregunta
Select the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:
Respuesta
  • Registration Authority
  • Participation Authority
  • Certification Authority
  • Delegation Authority

Pregunta 12

Pregunta
Some CAs issue only entry-level certificates that provide domain-only validation.
Respuesta
  • True
  • False

Pregunta 13

Pregunta
Some cryptographic algorithms require that in addition to a key another value can or must be input.
Respuesta
  • True
  • False

Pregunta 14

Pregunta
SSL v3.0 served as the basis for TLS v1.0.
Respuesta
  • True
  • False

Pregunta 15

Pregunta
Stream ciphers work on multiple characters at a time.
Respuesta
  • True
  • False

Pregunta 16

Pregunta
The Authentication Header (AH) protocol is a part of what encryption protocol suite below?
Respuesta
  • IPSec
  • SSL
  • TLS 3.0
  • GPG

Pregunta 17

Pregunta
The process by which keys are managed by a third party, such as a trusted CA, is known as?
Respuesta
  • key escrow
  • key renewal
  • key destruction
  • key management

Pregunta 18

Pregunta
What allows an application to implement an encryption algorithm for execution?
Respuesta
  • counters
  • initialization vectors
  • crypto modules
  • crypto service providers

Pregunta 19

Pregunta
What block cipher mode of operation encrypts plaintext and computes a message authentication code to ensure that the message was created by the sender and that it was not tampered with during transmission?
Respuesta
  • Counter
  • Galois/Counter
  • Electronic Code Book
  • Cipher Block Chaining

Pregunta 20

Pregunta
What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately?
Respuesta
  • Cipher Block Chaining
  • Counter
  • Electronic Code Book
  • Galois/Counter

Pregunta 21

Pregunta
What common method is used to ensure the security and integrity of a root CA?
Respuesta
  • Keep it in an offline state from the network
  • Keep it in an online state and encrypt it
  • Password protect the root CA
  • Only use the root CA infrequently

Pregunta 22

Pregunta
What cryptographic transport algorithm is considered to be significantly more secure than SSL?
Respuesta
  • HTTPS
  • AES
  • TLS
  • ESSL

Pregunta 23

Pregunta
What is a value that can be used to ensure that plaintext, when hashed, will not consistently result in the same digest?
Respuesta
  • counter
  • nonce
  • initialization vector
  • salt

Pregunta 24

Pregunta
What is used to create session keys?
Respuesta
  • master secret
  • validation
  • crypto modules
  • domain validation

Pregunta 25

Pregunta
What kind of digital certificate is typically used to ensure the authenticity of a web server to a client?
Respuesta
  • public web
  • web server
  • web client
  • private

Pregunta 26

Pregunta
What length SSL and TLS keys are generally considered to be strong?
Respuesta
  • 128
  • 1024
  • 2048
  • 4096

Pregunta 27

Pregunta
What process links several certificates together to establish trust between all the certificates involved?
Respuesta
  • certificate joining
  • certificate linking
  • certificate pairing
  • certificate chaining

Pregunta 28

Pregunta
What process will remove all private and public keys along with the user's identification information in the CA?
Respuesta
  • destruction
  • revocation
  • deletion
  • suspension

Pregunta 29

Pregunta
What protocol below supports two encryption modes: transport and tunnel?
Respuesta
  • HTTPS
  • SSL
  • TLS
  • IPSec

Pregunta 30

Pregunta
What protocol, developed by Netscape in 1994, is designed to create an encrypted data path between a client and server that could be used on any platform or operating system?
Respuesta
  • SSL
  • EAP
  • TLS
  • PEAP

Pregunta 31

Pregunta
SSL v3.0 is considered more secure than TLS v1.2
Respuesta
  • True
  • False

Pregunta 32

Pregunta
What term best represents the resiliency of a cryptographic key to attacks?
Respuesta
  • key bits
  • key resiliency
  • key strength
  • key space

Pregunta 33

Pregunta
What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?
Respuesta
  • transitive trust
  • distributed trust
  • third-party trust
  • bridge trust

Pregunta 34

Pregunta
What type of trust model is used as the basis for most digital certificates used on the Internet?
Respuesta
  • distributed trust
  • related trust
  • managed trust
  • third-party trust

Pregunta 35

Pregunta
When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established?
Respuesta
  • third-party
  • distributed
  • web of
  • mutual

Pregunta 36

Pregunta
Which of the following certificates are self-signed?
Respuesta
  • root digital certificates
  • trusted digital certificates
  • web digital certificates
  • user digital certificates

Pregunta 37

Pregunta
Which of the following certificates verifies the identity of the entity that has control over the domain name?
Respuesta
  • validation digital certificate
  • root digital certificates
  • domain validation digital certificate
  • web digital certificates

Pregunta 38

Pregunta
Which of the following is an enhanced type of domain digital certificate?
Respuesta
  • Trusted Validation
  • Extended Validation
  • Primary Validation
  • Authorized Validation

Pregunta 39

Pregunta
Which of the following is an input value that must be unique within some specified scope, such as for a given period or an entire session?
Respuesta
  • salt
  • counter
  • nonce
  • initialization vector

Pregunta 40

Pregunta
Which of the following is a valid way to check the status of a certificate? (Choose all that apply.)
Respuesta
  • Online Certificate Status Protocol
  • Certificate Revocation List
  • Certificate Revocation Authority
  • Revocation List Protocol

Pregunta 41

Pregunta
Why is IPsec considered to be a transparent security protocol?
Respuesta
  • IPsec's design and packet header contents are open sourced technologies
  • IPsec uses the Transparent Encryption (TE) algorithm
  • IPsec is designed to not require modifications of programs, or additional training, or additional client setup
  • IPsec packets can be viewed by anyone
Mostrar resumen completo Ocultar resumen completo

Similar

CCNA Security 210-260 IINS - Exam 3
Mike M
Application of technology in learning
Jeff Wall
Innovative Uses of Technology
John Marttila
Ch1 - The nature of IT Projects
mauricio5509
The Internet
Gee_0599
CCNA Answers – CCNA Exam
Abdul Demir
SQL Quiz
R M
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
System Analysis
R A
Flash Cards Networks
JJ Pro Wrestler
EDUC260- Multimodal Literacies for a Digital Age
angelwoo2002