Module 7 Textbook & Quiz | ITE-249-02 Public Key Infrastructure and Cryptographic Protocols

Ace your homework & exams now with Quizwiz!

7. Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say? a. The user's symmetric key with the public key b. The user's identity with their public key c. A private key with a digital signature d. The user's public key with their private key

b. The user's identity with their public key

8. Which of the following can a digital certificate NOT be used for? a. To encrypt channels to provide secure communication between clients and servers b. To verify the authenticity of the CA c. To encrypt messages for secure email communications d. To verify the identity of clients and servers on the Web

b. To verify the authenticity of the CA

11. Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use? a. Online Certificate Status Protocol (OCSP) b. Certificate Revocation List (CRL) c. Real-Time CA Verification (RTCAV) d. Staple

a. Online Certificate Status Protocol (OCSP)

3. Choose which statement is wrong by applying your knowledge from the reading. a. SSL is a replacement cryptographic protocol for TLS. b. A cipher suite is a named combination of the encryption, authentication, and message authentication code (MAC) algorithms that are used with TLS. c. S/MIME is a protocol for securing email messages.

a. SSL is a replacement cryptographic protocol for TLS.

20. Which is a protocol for securely accessing a remote computer in order to issue a command? a. Secure Shell (SSH) b. Secure Hypertext Transport Protocol (SHTTP) c. Transport Layer Security (TLS) d. Secure Sockets Layer (SSL)

a. Secure Shell (SSH)

9. Who verifies the authenticity of a CSR? a. Certificate authority b. Registration authority c. Signature authority d. Certificate signatory

b. Registration authority

4. Choose which statement is wrong by applying your knowledge from the reading. a. Three primary characteristics determine the resiliency of the key to attacks (called key strength). b. Counter (CTR) mode requires that both the message sender and receiver access a counter, which computes a new value each time a ciphertext block is exchanged. c. A block cipher mode of operation specifies how block ciphers should handle streams.

c. A block cipher mode of operation specifies how block ciphers should handle streams.

1. Choose which statement is wrong by applying your knowledge from the reading. a. Root digital certificates are self-signed. b. A certificate repository (CR) is a publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate. c. A digital certificate is a technology used to associate a user's identity to a public key and that has been digitally signed by the owner of the private key.

c. A digital certificate is a technology used to associate a user's identity to a public key and that has been digitally signed by the owner of the private key.

1. Which is an IPsec protocol that authenticates that packets received were sent from the source? a. PXP b. CER c. AH d. DER

c. AH

14. Which block cipher mode of operating requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged? a. CN b. CD c. CTR d. CXL

c. CTR

17. Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need? a. Website validation b. Extended validation c. Domain validation d. Root

c. Domain validation

19. Which refers to a situation in which keys are managed by a third party, such as a trusted CA? a. Remote key administration b. Trusted key authority c. Key escrow d. Key authorization

c. Key escrow

4. _____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity. a. Encrypted signatures b. Digital digests c. Digital certificates d. Session keys

d. Session keys

13. Which of the following is NOT a means by which a newly approved root digital certificate is distributed? a. Application updates b. OS updates c. Pinning d. Web browser updates

a. Application updates

18. How is confidentiality achieved through IPsec? a. ESP b. ISAKMP c. AuthX d. AHA

a. ESP

15. Which is the first step in a key exchange? a. The web browser sends a message ("ClientHello") to the server. b. The web browser verifies the server certificate. c. The browser generates a random value ("pre-master secret"). d. The web server sends a message ("ServerHello") to the client.

a. The web browser sends a message ("ClientHello") to the server.

12. What is the purpose of certificate chaining? a. To group and verify digital certificates b. To hash the private key c. To lookup the name of intermediate RA d. To ensure that a web browser has the latest root certificate updates

a. To group and verify digital certificates

6. What is the strongest technology that would assure Alice that Bob is the sender of a message? a. Digital signature b. Digital certificate c. Digest d. Encrypted signature

b. Digital certificate

2. Choose which statement is wrong by applying your knowledge from the reading. a. An OID, which names an object or entity, corresponds to a node in a hierarchy tree structure. OIDs can name every object type in an X.509 certificate. b. The hierarchical trust model assigns a single hierarchy with one master CA called the root. c. When a digital certificate is revoked, the user must update internal records and any CRL with the required certificate information and time stamp.

c. When a digital certificate is revoked, the user must update internal records and any CRL with the required certificate information and time stamp.

16. What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption? a. .cer b. .P12 c. .xdr d. .P7B

d. .P7B

5. What is the name of the device protected by a digital certificate? a. TLXS b. RCR c. V2X2 d. CN

d. CN

2. What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection? a. Electronic Code Book (ECB) repositories b. PFX c. CTR d. Certificate attributes

d. Certificate attributes

10. A centralized directory of digital certificates is called a(n) _____. a. Digital signature approval List (DSAP) b. Digital signature permitted authorization (DSPA) c. Authorized digital signature (ADS) d. Certificate repository (CR)

d. Certificate repository (CR)

3. What entity calls in crypto modules to perform cryptographic tasks? a. Intermediate CA b. Certificate Authority (CA) c. OCSP d. Crypto service provider

Module 7 Textbook & Quiz | ITE-249-02 Public Key Infrastructure and Cryptographic Protocols

Related study sets

Chondrosarcoma

CH 7

Chapter 6- IE

Chapter 5: Adult Health and Nutritional Assessment 2

MPAO Ch 11

Chapter 13 Medical Terminology Quiz

Chapter 14 reading assigment

Ocean Composition

Chapter 3 InQuizitive Assignment: Culture and Society

Topic 1 Biology Review

Bio Ch 17

Econ Week 12

CISA 2306 - CH 02

Medication Administration Oral Skill (See Skill 21.1 on p523 as well)

College Personal Finance

W3Schools PHP

Genetics Exam 4

IF1 - Chapter 4 - Insurable Interest

review for medsurg exam #2

Exam 1 Chapters 6,10,11,12 NRS230