Chapter 9 - Cryptography Implementation
The process of requiring interoperability is called:
Cross Certification
Which of the following is not one of the four main types of trust models used with PKI? A. Hierarchical B. Bridge C. Custom D. Mesh E. Hybrid
Custom is not one of the main PKI trust models.
Which of the following refers to the ability to manage individual resources in the CA network? A. Regulation B. Granularity C. Management D. Restricting
Granularity - Refers to the ability to manage individual resources in the CA network.
A Certificate Practice Statement (CPS) is a detailed statement the CA uses to issue certificates and ______ of the CA.
Implement Policies
Key destruction is the process of destroying keys that have become:
Invalid
A registration authority (RA) can do all the following except: A. Distribute keys B. Accept registrations for the CA C. Validate identities D. Give recommendations
It cannot give recommendations. A registration authority (RA) can distribute keys, accept registrations for the CA, and validate identities.
One disadvantage of decentralized key generation is:
It creates a storage and management issue.
The primary difference between an RA and _____ is that the latter can be used to identify or establish the identity of an individual.
LRA - An LRA can be used to identify or establish the identity of an individual.
Which of the following is an attack against the algorithm?
Mathematical Attack
A hierarchical trust model is also known as a:
Tree
The mesh trust model is also known as what?
Web Structure
The most popular certificate used is version 3 of:
X.509
PKI (Public Key Infrastructure) is a key-asymmetric system utilizing how many keys?
2 Keys - A public & Private Key
Public Key Infrastructure (PKI) is a first attempt to provide all the aspects of security to messages and transactions that have been previously discussed. It contains four components including: A. Certificate Authority (CA), Registration Authority (RA), RSA, and digital certificates B. Certificate Authority (CA), RSA, Document Authority (DA), and digital certificates C. Document Authority (DA), Certificate Authority (CA), and RSA D. Registration Authority (RA), RSA, and digital certificates
A. Public Key Infrastructure (PKI) contains four components: certificate authority (CA), registration authority (RA), RSA, and digital certificates.
In a bridge trust model, each intermediate CA trusts only those CAs that are:
Above and below it
Key management includes all of the following stages/areas except: A. Centralized versus decentralized key generation B. Key storage and distribution C. Key locking D. Key escrow E. Key expiration
C. Key locking is not a part of key management. Key management includes centralized versus decentralized key generation, key storage and distribution, key escrow, and key expiration.
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing:
Certificate Authority (CA) - Is an organization that is responsible for issuing, revoking, and distributing certificates.
Certificate revocation is the process of revoking a certificate before it:
Expires.
In a bridge trust model, a ______ to ______ relationship exists between the root CAs.
Peer to Peer
Who is responsible for issuing certificates?
The certificate authority (CA) is responsible for issuing certificates.