Network Auth & Security Chapter 7
Which two statements correctly describe certificate classes used in the PKI? (Choose two.) Question options: A class 0 certificate is for testing purposes. A class 0 certificate is more trusted than a class 1 certificate. The lower the class number, the more trusted the certificate. A class 5 certificate is for users with a focus on verification of email. A class 4 certificate is for online business transactions between companies.
A class 0 certificate is for testing purposes. A class 4 certificate is for online business transactions between companies.
A network administrator is forced to use DES on aging equipment. What is one thing the administrator should do in this situation? Question options: Use ECC instead of parity. Increase the key length. Implement CBC mode. Increase the number of bits used for encryption.
Implement CBC mode.
What is the service framework that is needed to support large-scale public key-based technologies? Question options: HMAC PKI RSA 3DES
PKI
What is a difference between symmetric and asymmetric encryption algorithms? Question options: Symmetric algorithms are typically hundreds to thousands of times slower than asymmetric algorithms. Symmetric encryption algorithms are used to authenticate secure communications. Asymmetric encryption algorithms are used to repudiate messages. Symmetric encryption algorithms are used to encrypt data. Asymmetric encryption algorithms are used to decrypt data. Symmetric encryption algorithms use pre-shared keys. Asymmetric encryption algorithms use different keys to encrypt and decrypt data.
Symmetric encryption algorithms use pre-shared keys. Asymmetric encryption algorithms use different keys to encrypt and decrypt data.
Which statement describes asymmetric encryption algorithms? Question options: They include DES, 3DES, and AES. They have key lengths ranging from 80 to 256 bits. They are also called shared-secret key algorithms. They are relatively slow because they are based on difficult computational algorithms.
They are relatively slow because they are based on difficult computational algorithms.
If an asymmetric algorithm uses a public key to encrypt data, what is used to decrypt it? Question options: DH a private key a digital certificate a different public key
a private key
What are the two important components of a public key infrastructure (PKI) used in network security? (Choose two.) Question options: intrusion prevention system certificate authority digital certificates pre-shared key generation symmetric encryption algorithms topological index
certificate authority digital certificates
The following message was encrypted using a Caesar cipher with a key of 2: fghgpf vjg ecuvng What is the plaintext message?? Question options: defend the region invade the castle defend the castle invade the region
defend the castle
Which requirement of secure communications is ensured by the implementation of MD5 or SHA hash generating algorithms? Question options: confidentiality authentication integrity nonrepudiation
integrity
Which type of attack does the use of HMACs protect against? Question options: DoS DDoS brute force man-in-the-middle
man-in-the-middle
A customer purchases an item from an e-commerce site. The e-commerce site must maintain proof that the data exchange took place between the site and the customer. Which feature of digital signatures is required? Question options: authentication confidentiality integrity nonrepudiation of the transaction
nonrepudiation of the transaction
A customer purchases an item from an e-commerce site. The e-commerce site must maintain proof that the data exchange took place between the site and the customer. Which feature of digital signatures is required? Question options: authenticity of digitally signed data integrity of digitally signed data nonrepudiation of the transaction confidentiality of the public key
nonrepudiation of the transaction
What is the purpose of the DH algorithm? Question options: to provide nonrepudiation support to support email data confidentiality to encrypt data traffic after a VPN is established to generate a shared secret between two hosts that have not communicated before To Secure Hash Algorithm 1 To Provide a Transport Layer Security
to generate a shared secret between two hosts that have not communicated before
What is the reason for HMAC to use an additional secret key as input to the hash function? Question options: to provide encryption to provide authentication to provide integrity verification to prevent DoS attacks
to provide authentication