Advanced Cryptography

Secure Shell (*SSH*)

A Unix-based command interface and protocol for securely accessing a remote computer

Certificate Repository

A centralized directory of digital certificates is called a(n) ________.

The user's identity with their public key

A digital certificate associates _________.

Extended Validation SSL Certificate

A digital certificate that turns the address bar green is a(n) ________.

Public key infrastructure (*PKI*)

A framework for all of the entries involved in digital certificates for digital certificate management

Key recovery agent (*KRA*)

A highly trusted person responsible for recovering lost or damaged digital certificates

Key escrow

A process in which keys are managed by a third party, such as a trusted *CA* called the root

Secure Socket Layer (*SSL*)

A protocol developed by Netscape for securely transmitting documents over the Internet that uses a private key to encrypt data

Transport Layer Security (*TLS*)

A protocol that is an extension of SSL and guarantees privacy and data integrity between applications

Certificate Repository (*CR*)

A publicly accessible centralized directory that contains digital certificates that can be used to view the status of a digital certificate

Certificate Revocation List (*CRL*)

A repository that lists revoked digital certificates

Hypertext Transport Protocol over Secure Socket Layer (*HTTPS*)

A secure version of HTTP sent over SSL/TLS (port 443)

IP security (*IPsec*)

A set of protocols developed to support the secure exchange of packets

Registration Authority (*RA*)

A subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users

M-of-N control

A technique to recover a private key by distributing parts to different individuals

Digital certificate

A technology used to associate a user's identity to a public key, in which the user's public key is "digitally signed" by a trusted third party

Third-party trust

A trust model n which two individuals trust each other because each individually trusts a third party

Hierarchical trust model

A trust model that has a single hierarchy with one master *CA*

Distributed trust model

A trust model that has multiple CAs that sign digital certificates

Bridge Trust model

A trust model with one CA that acts as a facilitator to interconnect all other CAs

Certificate Authority (*CA*)

A trusted third-party agency that is responsible for issuing the digital certificates

Direct trust

A type of trust model in which a relationship exists between two individuals because one person knows the other person

Certificate policy (*CP*)

A(n) ________ is a published set of rules that govern the operation of a PKI.

To verify the authenticity of the Registration Authorizer

Digital Certificates can be used for each of the following except _______.

is the management of digital certificates

Public key infrastructure (*PKI*) __________.

are widely accepted in the industry

Public-Key Cryptography Standards (*PKCS*) ______.

*Authorization* it includes: Creation, Suspension, Revocation, and Expiration

Which of the following is not part of the certificate life cycle?

*In hashes*, but it is stored on the user's local system, embedded in digital certificates, and in tokens

Which of the following is not where keys can be stored?

*IPsec*

Which transport encryption algorithm is integrated as part of IPv6?

Secure Shell (*SSH*) port 22

___________ is a protocol for securely accessing a remote computer.

Key escrow

____________ refers to a situation in which keys are managed by a third party, such as a trusted *CA*.

Certificate Authority

An entity that issues digital certificates is a _________.

are used in military and financial settings when it is necessary for the client to authenticate back to the server

Dual-sided digital certificates __________.

*CA expiration code* but validity period, serial number, and signature are

Each of the following is a field of an X.509 certificate except ______________.

*it is designed for use on a large scale* it assigns a signal hierarchy with one master *CA*, the master *CA* is called the root, and the root signs all digital certificate authorities with a single key

Each of the following is true regarding a hierarchical trust model except ______.

Server digital certificate

In order to ensure a secure cryptographic connection between a Web browser and a Web server, a(n) _________ would be used

Third

The _______ -party trust model supports CA

X.509

The most widely accepted format for digital certificates as defined by the International Telecommunications Union (*ITU*)

Digital certificate

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _______.

Trust model

The type of trusting relationship that can exist between individuals or entities

*HTTPS* port 443

What is the cryptographic transport protocol that is used most often to secure Web transactions?