security+ Advanced Cryptography - Chapter 12
A. to verify the authenticity of the Registration Authorizer
Digital certificates can be used for each of the following except __________. A. to verify the authenticity of the Registration Authorizer B. to verify the identity of clients and servers on the Web C. to encrypt messages for secure e-mail communications D. to encrypt channels to provide secure communication between clients and servers
A. Authorization
Which of the following is not part of the certificate life cycle? A. Authorization B. Creation C. Expiration D. Revocation
A. in hashes
Which of the following is not where keys can be stored? A. in hashes B. on the user's local system C. embedded in digital certificates D. in tokens
D. Key escrow
__________ refers to a situation in which keys are managed by a third party, such as a trusted CA. A. Remote key administration B. Trusted key authority C. Key authorization D. Key escrow
D. Certificate Repository (CR)
A centralized directory of digital certificates is called a(n) __________. A. Digital Signature Approval List (DSAP) B. Digital Signature Permitted Authorization (DSPA) C. Authorized Digital Signature (ADS) D. Certificate Repository (CR)
B. the user's identity with their public key
A digital certificate associates __________. A. a private key with a digital signature B. the user's identity with their public key C. a user's private key with the public key D. a user's public key with their private key
C. Extended Validation SSL Certificate
A digital certificate that turns the address bar green is a(n) __________. A. X.509 certificate B. Advanced Web Server Certificate (AWSC) C. Extended Validation SSL Certificate D. Personal Web-Client Certificate
A. certificate policy (CP)
A(n) __________ is a published set of rules that govern the operation of a PKI. A. certificate policy (CP) B. certificate practice statement (CPS) C. signature resource guide (SRG) D. enforcement certificate (EF)
D. is the management of digital certificate
Public Key Infrastructure (PKI) __________. A. creates private key cryptography B. requires the use of an RA instead of a CA C. generates public/private keys automatically D. is the management of digital certificate
D. are widely accepted in the industry
Public-key Cryptography Standards (PKCS) __________. A. are used to create public keys only B. define how hashing algorithms are created C. have been replaced by PKI D. are widely accepted in the industry
C. third
The __________-party trust model supports CA. A. first B. second C. third D. fourth
D. digital certificate
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) ___________. A. digital signature B. encrypted signature C. hash D. digital certificate
C. HTTPS
What is the cryptographic transport protocol that is used most often to secure Web transactions? A. SHTTP B. PPPTPoE C. HTTPS D. MD-17
B. CA expiration code
Each of the following is a field of an X.509 certificate except __________. A. validity period B. CA expiration code C. serial number D. Signature
D. Certificate Authority (CA)
An entity that issues digital certificates is a ______________. A. Certificate Signatory (CS) B. Signature Authority (SA) C. Digital Signer (DS) D. Certificate Authority (CA)
B. server digital certificate
In order to ensure a secure cryptographic connection between a Web browser and a Web server, a(n) _________ would be used. A. e-mail Web certificate B. server digital certificate C. personal digital certificate D. Web digital certificate
A. are used in military and financial settings when it is necessary for the client to authenticate back to the server
Dual-sided digital certificates __________. A. are used in military and financial settings when it is necessary for the client to authenticate back to the server B. are the same as dual-key digital certificates C. are required under PKCS #1 D. require a special browser
B. it is designed for use on a large scale.
Each of the following is true regarding a hierarchical trust model except __________. A. it assigns a signal hierarchy with one master CA B. it is designed for use on a large scale C. the master CA is called the root D. the root signs all digital certificate authorities with a single key
A. IPsec
Which transport encryption algorithm is integrated as part of IPv6? A. IPsec B. SSH C. SSL/TLS D. RSA
A. Secure Shell (SSH)
__________ is a protocol for securely accessing a remote computer. A. Secure Shell (SSH) B. Secure Sockets Layer (SSL) C. Secure Hypertext Transport Protocol (SHTTP) D. Transport Layer Security (TLS)