Chapter 4: Advanced cyytography and PKI: Review Questions

What length SSL and TLS keys are generally considered to be strong? 2048 1024 4096 128

4096

Which trust model has multiple CAs, one of which acts as a facilitator? Distributed Bridge Web Hierarchical

Bridge

Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted? Galois/Counter (GCM) Electronic Code Book (ECB) Counter (CTR) Cipher Block Chaining (CBC)

Cipher Block Chaining (CBC)

What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately? Galois/Counter Cipher Block Chaining Counter Electronic Code Book

Electronic Code Book

Digital certificates should last forever. True False

False

Root digital certificates are should never be self-signed. False True

False

What protocol below supports two encryption modes: transport and tunnel? SSL TLS IPSec HTTPS

IPSec

_____ refers to a situation in which keys are managed by a third party, such as a trusted CA. Remote key administration Key escrow Trusted key authority Key authorization

Key escrow

_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity. Digital certificates Encrypted signatures Digital digests Session keys

Session keys

A Subject Alternative Name (SAN) digital certificate, is also known as a Unified Communications Certificate (UCC). False True

True

A certificate repository (CR) is a publicly accessible centralized directory of digital certificates. True False

True

Some CAs issue only entry-level certificates that provide domain-only validation. True False

True

The process by which keys are managed by a third party, such as a trusted CA, is known as? key management key escrow key destruction key renewal

key escrow

What is used to create session keys? domain validation validation master secret crypto modules

master secret

A digital certificate associates _____. a user's public key with his private key a private key with a digital signature a user's private key with the public key the user's identity with his public key

the user's identity with his public key