Chapter 9 - Cryptography Implementation

The process of requiring interoperability is called:

Cross Certification

Which of the following is not one of the four main types of trust models used with PKI? A. Hierarchical B. Bridge C. Custom D. Mesh E. Hybrid

Custom is not one of the main PKI trust models.

Which of the following refers to the ability to manage individual resources in the CA network? A. Regulation B. Granularity C. Management D. Restricting

Granularity - Refers to the ability to manage individual resources in the CA network.

A Certificate Practice Statement (CPS) is a detailed statement the CA uses to issue certificates and ______ of the CA.

Implement Policies

Key destruction is the process of destroying keys that have become:

Invalid

A registration authority (RA) can do all the following except: A. Distribute keys B. Accept registrations for the CA C. Validate identities D. Give recommendations

It cannot give recommendations. A registration authority (RA) can distribute keys, accept registrations for the CA, and validate identities.

One disadvantage of decentralized key generation is:

It creates a storage and management issue.

The primary difference between an RA and _____ is that the latter can be used to identify or establish the identity of an individual.

LRA - An LRA can be used to identify or establish the identity of an individual.

Which of the following is an attack against the algorithm?

Mathematical Attack

A hierarchical trust model is also known as a:

Tree

The mesh trust model is also known as what?

Web Structure

The most popular certificate used is version 3 of:

X.509

PKI (Public Key Infrastructure) is a key-asymmetric system utilizing how many keys?

2 Keys - A public & Private Key

Public Key Infrastructure (PKI) is a first attempt to provide all the aspects of security to messages and transactions that have been previously discussed. It contains four components including: A. Certificate Authority (CA), Registration Authority (RA), RSA, and digital certificates B. Certificate Authority (CA), RSA, Document Authority (DA), and digital certificates C. Document Authority (DA), Certificate Authority (CA), and RSA D. Registration Authority (RA), RSA, and digital certificates

A. Public Key Infrastructure (PKI) contains four components: certificate authority (CA), registration authority (RA), RSA, and digital certificates.

In a bridge trust model, each intermediate CA trusts only those CAs that are:

Above and below it

Key management includes all of the following stages/areas except: A. Centralized versus decentralized key generation B. Key storage and distribution C. Key locking D. Key escrow E. Key expiration

C. Key locking is not a part of key management. Key management includes centralized versus decentralized key generation, key storage and distribution, key escrow, and key expiration.

A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing:

Certificate Authority (CA) - Is an organization that is responsible for issuing, revoking, and distributing certificates.

Certificate revocation is the process of revoking a certificate before it:

Expires.

In a bridge trust model, a ______ to ______ relationship exists between the root CAs.

Peer to Peer

Who is responsible for issuing certificates?

The certificate authority (CA) is responsible for issuing certificates.