Quiz: Module 07 Public Key Infrastructure and Cryptographic Protocols
What is the strongest technology that would assure Alice that Bob is the sender of a message?
(NOT)Encrypted signature Digital certificate Digital signature Digest
Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need?
.P12 (NOT) .cer .xdr .P7B
Which is an IPsec protocol that authenticates that packets received were sent from the source?
AH
What is the name of the device protected by a digital certificate?
CN (NOT)RCR V2X2 TLXS
Which block cipher mode of operating requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged?
CTR
What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection?
Certificate attributes (NOT)PFX CTR Electronic Code Book (ECB) repositories
Who verifies the authenticity of a CSR?
Certificate authority Signature authority Registration authority (NOT)Certificate signatory
A centralized directory of digital certificates is called a(n) _____.
Digital signature permitted authorization (DSPA) Certificate repository (CR) (NOT)Authorized digital signature (ADS) Digital signature approval List (DSAP)
Which is the first step in a key exchange?
The browser generates a random value ("pre-master secret"). The web browser verifies the server certificate. The web browser sends a message ("ClientHello") to the server. (NOT)The web server sends a message ("ServerHello") to the client.
What is the purpose of certificate chaining?
To hash the private key To group and verify digital certificates To ensure that a web browser has the latest root certificate updates (NOT)To look up the name of intermediate RA
Which of the following can a digital certificate NOT be used for?
To verify the authenticity of the CA (NOT)To verify the identity of clients and servers on the Web To encrypt messages for secure email communications To encrypt channels to provide secure communication between clients and servers
Which of the following is NOT a means by which a newly approved root digital certificate is distributed?
b. Application updates
What entity calls in crypto modules to perform cryptographic tasks?
b. Crypto service provider
What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption?
b. Domain validation
Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say?
b. The user's identity with their public key
Which refers to a situation in which keys are managed by a third party, such as a trusted CA?
c. Key escrow
Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use?
d. Online Certificate Status Protocol (OCSP)
Which is a protocol for securely accessing a remote computer in order to issue a command?
d. Secure Shell (SSH)
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
d. Session keys
