Sec+ Ch.4 HW
Which of these is NOT part of the certificate life cycle?
authorization** expiration creation revocation
Which trust model has multiple CAs, one of which acts as a facilitator?
bridge ** web distributed hierarchical
An entity that issues digital certificates is a ____.
Certificate Signatory (CS) Digital Signer (DS) Signature Authority (SA) Certificate Authority (CA)**
Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted?
Counter (CTR) Electronic Code Book (ECB) Galois/Counter (GCM) Cipher Block Chaining (CBC)**
a centralized directory of digital certificates is called a(n)____.
Digital Signature Permitted Authorization (DSPA) Authorized Digital Signature (ADS) Digital Signature Approval List (DSAP) Certificate Repository (CR)**
_____ performs a real-time lookup of a digital certificate's status.
Real-time CA Verification (RTCAV) Certificate Revocation List (CRL) Online Certificate Status Protocol (OCSP)** CA Registry Database (CARD)
A digital certificate associates____.
a user's public key with his private key a private key with a digital signature a user's private key with the public key the user's identity with his public key**
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
digital digest encrypted signatures session keys** digital certificates
Which statement is NOT true regarding hierarchical trust models?
it assigns a single hierarchy with one master CA the root signs all digital certificate authorities with a single key the master CA is called the root it is designed for use on a large scale**
Digital certificates can be used for each of these EXCEPT _____.
to verify the authenticity of the Registration Authorizer** to verify the identity of clients and servers on the web to encrypt channels to provide secure communication between clients and servers to encrypt messages for secure email communications
_____ is a protocol for securely accessing a remote computer.
Transport Layer Security (TLS) Secure Socket Layer (SSL) Secure Hypertext Transport Protocol (SHTTP) Secure Shell (SSH)**
_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.
Trusted key authority Key escrow** Key authorization Remote key administration
What entity calls in crypto modules to perform cryptographic tasks?
Certificate Authority (CA) OCSP Chain Crypto service provider** Intermediate CA
Public key infrastructure (PKI) _____.
is the management of digital certificates** requires the use of an RA instead of a CA creates private key cryptography generates public/private keys automatically
Which of the following is NOT a method for strengthening a key?
randomness length variability** cryptoperiod
What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest?
salt** algorithm initialization vector (IV) nonce
A(n) _____ is a published set of rules that govern the operation of a PKI.
signature resource guide (SRG) certificate practice statement (CPS) certificate policy (CP)** enforcement certificate (EF)
Which of these is considered the strongest cryptographic transport protocol?
TLS v1.2** SSL v2.0 TLS v1.0 SSL v2.0
Which digital certificate displays the name of the entity behind the website?
X.509 Certificate online certificate status certificate extended validation (EV) certificate** session certificate
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) ____
digest encrypted signature digital certificate** digital signature