Security+ Chapter 4
Public key infrastructure (PKI) _____.
is the management of digital certificates
Which of these is considered the strongest cryptographic transport protocol?
TLS v1.2
A centralized directory of digital certificates is called a(n) _____.
Certificate Repository (CR)
What entity calls in crypto modules to perform cryptographic tasks?
Crypto service provider
_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.
Key escrow
_____ performs a real-time lookup of a digital certificate's status.
Online Certificate Status Protocol (OCSP)
An entity that issues digital certificates is a _____.
Certificate Authority (CA)
Which trust model has multiple CAs, one of which acts as a facilitator?
Bridge
Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted?
Cipher Block Chaining (CBC)
Which digital certificate displays the name of the entity behind the website?
Extended Validation (EV) Certificate
Which statement is NOT true regarding hierarchical trust models?
It is designed for use on a large scale.
_____ is a protocol for securely accessing a remote computer.
Secure Shell (SSH)
A(n) _____ is a published set of rules that govern the operation of a PKI.
certificate policy (CP)
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
digital certificate
What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest?
salt
A digital certificate associates _____.
the user's identity with his public key
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
Session keys
Which of the following is NOT a method for strengthening a key?
Variability
Which of these is NOT part of the certificate life cycle?
authorization
Digital certificates can be used for each of these EXCEPT _____.
to verify the authenticity of the Registration Authorizer
