Module 7
What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption?
.P7B
Which refers to a situation in which keys are managed by a third party, such as a trusted CA? A. Key authorization B. Key escrow C. Remote key administration D. Trusted key authority
B. Key escrow
Which is a protocol for securely accessing a remote computer in order to issue a command? A. Transport Layer Security (TLS) B. Secure Shell (SSH) C. Secure Sockets Layer (SSL) D. Secure Hypertext Transport Protocol (SHTTP)
B. Secure Shell (SSH)
Which of the following is NOT a means by which a newly approved root digital certificate is distributed? A. Pinning B. OS updates C. Application updates D. Web browser updates
C. Application updates
Which of the following can a digital certificate NOT be used for? A. To encrypt messages for a secure email communications B. To encrypt channels to provide secure communication between clients and servers C. To verify the authenticity of the CA D. To verify the identity of clients and servers on the web
C. To verify the authenticity of the CA
What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection?
Certificate Attributes
A centralized directory of digital certificates is called a(n) _____.
Certificate Repository (CR)
What is the name of the device protected by a digital certificate?
Common Name (CN)
Which block cipher mode of operating requires that both the message sender and receiver access a counter that computers a new value whenever a ciphertext block is exchanged?
Counter (CTR)
What entity calls in crypto modules to perform cryptographic tasks?
Cypto service providers
Which is an IPsec protocol that authenticates that packets received were sent from the source? A. PXP B. DER C. CER D. AH
D. AH
Which is the first step in a key exchange? A. The browser generates a random value ("pre-master secret") B. The web server sends a message ("ServerHello") to the client C. The web browser verifies the server certificate D. The web browser sends a message ("ClientHello") to the server
D. The web browser sends a message ("ClientHello") to the server
What is the strongest technology that would assure Alice that Bob is the sender of a message?
Digital certificates
Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need?
Domain Validation
How is confidentiality achieved through IPsec?
ESP
Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use?
Online Certificate Status Protocol
___________ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
Session Keys
Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say?
The user's identity with their public key
What is the purpose of certificate chaining?
To group and verify digital certificates
Who verifies the authenticity of a CSR?
registration authority
