Module 3 Review Questions
What items are contained in a digital certificate?
-Public Key -Validity Period
What is PKI (Public Key Infrastructure)?
A hierarchy of computers for issuing certificates.
Which of the following best describes high amplification when applied to hashing algorithms?
A small change in the message results in a big change in the hash value.
A PKI is an implementation for managing which type of encryption?
Asymmetric
What condition does not result in a certificate being added to the certificate revocation list?
Certificate expiration
When two different messages produce the same hash value, what has occurred?
Collision
Hashing algorithms are used to perform what activity?
Create a message digest
Which of the following is the weakest hashing algorithm?
MD5
When is the best time to apply for a certificate renewal?
Near the end of the certificate's valid lifetime
Which technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large, complex environments?
Online Certificate Status Protocol
SHA-1 uses which of the following bit length hashing algorithms?
Only 160-bit
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact?
Recovery agent
Which of the following is an entity that accepts and validates information contained within a request for a certificate?
Registration authority
Which of the following does not or cannot produce a hash value of 128 bits?
SHA-1
Which of the following is the strongest hashing algorithm?
SHA-1
An SSL client has determined that the Certificate Authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity?
The CA's public key must validate the CA's digital signature on the server certificate.
Which action is taken when the private key associated with a digital certificate becomes compromised?
The certificate is revoked and added to the Certificate Revocation List.
Certificate revocation should occur under all but which of the following conditions?
The certificate owner has held the certificate beyond the established lifetime timer
How many keys are used with Public Key cryptography?
Two
Which standard is most widely used for certificates?
X.509
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?
Your copy is the same as the copy posted on the website.
Which aspect of a certificate makes it a reliable and useful mechanism for proving the identity of a person, system, or service on the internet?
It is a trusted third-party.
Which of the following is used to verify that a downloaded file has not been altered?
Hash
A birthday attack focuses on what?
Hashing algorithms
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where?
Identifying data and a certification request to the registration authority (RA)