CyberSecurity Module 4
Bengt is setting up a new web server that will have several IP addresses. He only wants to acquire a single digital certificate. Which type of certificate will he acquire?
a. SAN
Ville has been asked by his supervisor to review the contents of a questionable digital certificate. Which of the following would Ville NOT find in it?
a. owner's private key
What is a publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate?
b. CR
Alarik is explaining to a colleague about digital certificates. Which of the following statements would he use to correctly describe the need for digital certificates?
b. It can hide the public key so that it cannot be abused.
Which of the following performs a real-time lookup of a certificate's status?
b. OCSP
What is a technology used to associate a user's identity to a public key and has been digitally signed by a trusted third party?
b. digital certificate
Which of the following is NOT a primary characteristic for determining the resiliency of a key to attacks?
b. key derivation
Who is responsible for verifying the credentials of an applicant for a digital certificate?
b. registration authority
Which of the following is the most comprehensive secure communication and transport protocol?
c. IPSec
Dag wants to set up a trust model in which he only will serve as a CA. Which trust model will he choose?
c. hierarchical trust model
Ansgar is studying how digital certificates can be used. Which of the following is NOT a use of a digital certificate?
c. to verify the authenticity of the CA
Tordis has been asked to acquire a digital certificate that will cover all the subdomains of a new site. Which type of certificate would he acquire?
c. wildcard digital certificate
Gjord has been assigned to design an implementation of IPSec at an old manufacturing plant that has legacy network equipment and many devices. Which implementation will he choose?
d. BITS
Which of the following is NOT true about a root digital certificate?
d. It is the endpoint of the chain.
Which of the following is false about PKI?
d. It must be used by all enterprises with over 1,000 employees.
Which is the first step in a key exchange?
d. The web browser sends a message ("ClientHello") to the server.
What is the standard format for digital certificates?
d. X-509 Version 3
What is the strongest technology that would assure Alice that Bob is the sender of a message?
d. digital certificate
Einar has been asked to create a new policy that outlines the process in which keys are managed by a third party and the private key is split with each half encrypted. What policy is Einar creating?
d. key escrow policy
Which of the following is NOT a means by which a person requesting a digital certificate can be authenticated?
d. telephone number
