Sec+ Ch.4 HW

Which of these is NOT part of the certificate life cycle?

authorization** expiration creation revocation

Which trust model has multiple CAs, one of which acts as a facilitator?

bridge ** web distributed hierarchical

An entity that issues digital certificates is a ____.

Certificate Signatory (CS) Digital Signer (DS) Signature Authority (SA) Certificate Authority (CA)**

Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted?

Counter (CTR) Electronic Code Book (ECB) Galois/Counter (GCM) Cipher Block Chaining (CBC)**

a centralized directory of digital certificates is called a(n)____.

Digital Signature Permitted Authorization (DSPA) Authorized Digital Signature (ADS) Digital Signature Approval List (DSAP) Certificate Repository (CR)**

_____ performs a real-time lookup of a digital certificate's status.

Real-time CA Verification (RTCAV) Certificate Revocation List (CRL) Online Certificate Status Protocol (OCSP)** CA Registry Database (CARD)

A digital certificate associates____.

a user's public key with his private key a private key with a digital signature a user's private key with the public key the user's identity with his public key**

_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.

digital digest encrypted signatures session keys** digital certificates

Which statement is NOT true regarding hierarchical trust models?

it assigns a single hierarchy with one master CA the root signs all digital certificate authorities with a single key the master CA is called the root it is designed for use on a large scale**

Digital certificates can be used for each of these EXCEPT _____.

to verify the authenticity of the Registration Authorizer** to verify the identity of clients and servers on the web to encrypt channels to provide secure communication between clients and servers to encrypt messages for secure email communications

_____ is a protocol for securely accessing a remote computer.

Transport Layer Security (TLS) Secure Socket Layer (SSL) Secure Hypertext Transport Protocol (SHTTP) Secure Shell (SSH)**

_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.

Trusted key authority Key escrow** Key authorization Remote key administration

What entity calls in crypto modules to perform cryptographic tasks?

Certificate Authority (CA) OCSP Chain Crypto service provider** Intermediate CA

Public key infrastructure (PKI) _____.

is the management of digital certificates** requires the use of an RA instead of a CA creates private key cryptography generates public/private keys automatically

Which of the following is NOT a method for strengthening a key?

randomness length variability** cryptoperiod

What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest?

salt** algorithm initialization vector (IV) nonce

A(n) _____ is a published set of rules that govern the operation of a PKI.

signature resource guide (SRG) certificate practice statement (CPS) certificate policy (CP)** enforcement certificate (EF)

Which of these is considered the strongest cryptographic transport protocol?

TLS v1.2** SSL v2.0 TLS v1.0 SSL v2.0

Which digital certificate displays the name of the entity behind the website?

X.509 Certificate online certificate status certificate extended validation (EV) certificate** session certificate

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) ____

digest encrypted signature digital certificate** digital signature