Question 1

A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates.&#10;A) RA&#10;B) DA&#10;C) CA&#10;D) PA

Accepted Answer

CA (Certificate Authority) serves as the trusted third-party agency that is responsible for issuing the digital certificates. RA (Registration Authority) is responsible for identifying and authenticating users and forwarding certificate requests to the CA. DA (Directory Authority) provides information about digital certificates and their status, while PA (Policy Authority) defines the policies and practices for a PKI system.

Question 2

The ____ model is the basis for digital certificates issued to Internet users.&#10;A) third-party trust&#10;B) related trust&#10;C) managed trust&#10;D) distributed trust

Accepted Answer

The distributed trust model is used for digital certificates issued to Internet users. This model involves the distribution of trust among multiple parties, rather than relying on a single third-party authority. This allows for greater security and reliability in the authentication of digital identities.

Question 3

____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.&#10;A) Personal digital&#10;B) Public digital&#10;C) Private digital&#10;D) Server digital

Accepted Answer

Server digital certificates are used to verify the identity of a web server, allowing clients to confirm they are connecting to the legitimate server.

Question 4

A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party.&#10;A) web of&#10;B) mutual&#10;C) third-party&#10;D) distributed

Accepted Answer

A third-party trust involves two individuals trusting each other because they both trust a common third party.

Question 5

Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.

Accepted Answer

This is a common method of storing public and private keys. The public key can be embedded within a digital certificate, which is then distributed to others. The private key should be kept secure on the user's local system.

Question 6

____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it.&#10;A) Symmetric encryption&#10;B) Private encryption&#10;C) Asymmetric encryption&#10;D) Elliptic encryption

Accepted Answer

Asymmetric encryption uses a public key to encrypt the message and a private key to decrypt it. The sender signs the message with their private key, which verifies the authenticity of the sender and prevents them from denying sending it, providing nonrepudiation.

Question 7

With the ____ model, there is one CA that acts as a &#34;facilitator&#34; to interconnect all other CAs.&#10;A) bridge trust&#10;B) distributed trust&#10;C) third-party trust&#10;D) transitive trust

Accepted Answer

In a bridge trust model, there is one CA that acts as a "facilitator" to interconnect all other CAs, providing trust between them. This type of trust model allows for a more centralized control over the trust relationships within a network. The other listed options do not fit this description.

Question 8

At the ____ stage of the certificate life cycle, the certificate can no longer be used.&#10;A) creation&#10;B) suspension&#10;C) revocation&#10;D) expiration

Accepted Answer

The expiration stage is the point at which the certificate is no longer valid and can no longer be used. This is the natural end of a certificate's life cycle, after which it must be renewed, revoked, or replaced. The creation stage is the beginning of the life cycle, when the certificate is first issued. Suspension is a temporary state in which the certificate is still valid but not currently in use, while revocation is the stage at which the certificate is officially invalidated by the issuing authority.

Question 9

____ can protect the confidentiality of an e-mail message by ensuring that no one has read it.&#10;A) Public encryption&#10;B) Standard encryption&#10;C) Asymmetric encryption&#10;D) Symmetric encryption

Accepted Answer

Symmetric encryption can protect the confidentiality of an e-mail message by ensuring that no one has read it. This method uses a single key to encrypt and decrypt the message, ensuring that only the intended recipient with the corresponding key can read the message. Other forms of encryption, such as public and asymmetric encryption, can also provide confidentiality, but symmetric encryption is the most common method used for e-mail communication.

Question 10

Digital certificates cannot be used to identify objects other than users.

Accepted Answer

Digital certificates can be used to identify objects other than users, such as devices or servers. Digital certificates can be assigned to these objects to enable secure communication and authentication.

Question 11

____ involves public-key cryptography standards, trust models, and key management.&#10;A) Public key infrastructure&#10;B) Network key infrastructure&#10;C) Private key infrastructure&#10;D) Shared key infrastructure

Accepted Answer

The answer of ____ involves public-key cryptography standards, trust models,...

Question 12

Security tools function at the same layer of the Open System Interconnection (OSI) model.

Accepted Answer

The answer of Security tools function at the same layer...

Question 13

The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.&#10;A) DP&#10;B) CP&#10;C) LP&#10;D) AP

Accepted Answer

The answer of The ____ provides recommended baseline security requirements...

Question 14

The ____ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.&#10;A) Registration Authority&#10;B) Certificate Authority&#10;C) Repudiation Authority&#10;D) Intermediate Authority

Accepted Answer

The answer of The ____ function is a subordinate entity...

Question 15

Cryptography cannot protect data as it is being transported across a network.

Accepted Answer

The answer of Cryptography cannot protect data as it is...

Question 16

Digital signatures actually only show that the public key labeled as belonging to person was used to encrypt the digital signature.

Accepted Answer

The answer of Digital signatures actually only show that the...

Question 17

____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.&#10;A) Blocking&#10;B) Hashing&#10;C) Encrypting&#10;D) Cloning

Accepted Answer

The answer of ____ can be used to ensure the...

Question 18

The primary function of a(n) ____ is to verify the identity of the individual.&#10;A) RA&#10;B) CA&#10;C) DA&#10;D) PA

Accepted Answer

The answer of The primary function of a(n) ____ is...

Question 19

____ certificates are frequently used to secure e-mail transmissions and typically only require the user's name and e-mail address in order to receive this certificate.&#10;A) Private digital&#10;B) Personal digital&#10;C) Public digital&#10;D) Server digital

Accepted Answer

The answer of ____ certificates are frequently used to secure...

Question 20

A class 2 certificate is known as a ____ certificate.&#10;A) signing digital&#10;B) server digital&#10;C) personal digital&#10;D) code-signing

Accepted Answer

The answer of A class 2 certificate is known as...

Question 21

List three general duties of a CA.

Accepted Answer

The answer of List three general duties of a CA....

Question 22

____________________ may be defined as confidence in or reliance on another person or entity.

Accepted Answer

The answer of ____________________ may be defined as confidence in...

Question 23

List the three PKI trust models that use a CA.

Accepted Answer

The answer of List the three PKI trust models that...

Question 24

At the ____ stage of the certificate life cycle, the certificate is no longer valid.&#10;A) creation&#10;B) suspension&#10;C) revocation&#10;D) expiration

Accepted Answer

The answer of At the ____ stage of the certificate...

Question 25

List the four stages of a certificate life cycle.

Accepted Answer

The answer of List the four stages of a certificate...

Question 26

Key ____________________ dates prevent an attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time.

Accepted Answer

The answer of Key ____________________ dates prevent an attacker who...

Question 27

____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions.&#10;A) SFTP&#10;B) SHTTP&#10;C) HTTPS&#10;D) Telnets

Accepted Answer

The answer of ____ allows clients and the server to...

Question 28

Explain the difference between key revocation versus key suspension.

Accepted Answer

The answer of Explain the difference between key revocation versus...

Question 29

Explain how digital certificates are managed.

Accepted Answer

The answer of Explain how digital certificates are managed....

Question 30

List two requirements for verification of an EV SSL.

Accepted Answer

The answer of List two requirements for verification of an...

Question 31

List three pieces of information a digital certificate typically contains.

Accepted Answer

The answer of List three pieces of information a digital...

Question 32

TLS is an extension of ____.&#10;A) Telnet&#10;B) HTTP&#10;C) SSL&#10;D) FTP

Accepted Answer

The answer of TLS is an extension of ____.&#10;A) Telnet&#10;B)...

Question 33

Key ____ removes all private and public keys along with the user's identification information in the CA.&#10;A) renewal&#10;B) escrow&#10;C) generation&#10;D) destruction

Accepted Answer

The answer of Key ____ removes all private and public...

Question 34

In SSH, the ____________________ command allows a user to log on to a remote computer.

Accepted Answer

The answer of In SSH, the ____________________ command allows a...

Question 35

Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA.&#10;A) escrow&#10;B) destruction&#10;C) renewal&#10;D) management

Accepted Answer

The answer of Key ____ refers to a process in...

Question 36

In SSH, the ____________________ command allows a user to copy files between remote computers.

Accepted Answer

The answer of In SSH, the ____________________ command allows a...

Question 37

A(n) ____________________ trust model can be used in an organization where one CA is responsible for only the digital certificates for that organization.

Accepted Answer

The answer of A(n) ____________________ trust model can be used...

Question 38

____ is a protocol developed by Netscape for securely transmitting documents over the Internet.&#10;A) SSL&#10;B) TLS&#10;C) PEAP&#10;D) EAP

Accepted Answer

The answer of ____ is a protocol developed by Netscape...

Question 39

Identify the general duties of an RA.

Accepted Answer

The answer of Identify the general duties of an RA....

Question 40

Discuss the three areas of protection that are provided by IPsec.

Accepted Answer

The answer of Discuss the three areas of protection that...

Question 41

List and describe the entities for which IPsec is transparent.

Accepted Answer

The answer of List and describe the entities for which...

Question 42

Match between columns&#10;                        Premises: A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A published set of rules that govern the operation of a PKI&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A technology used to associate a user's identity to a public key that has been &#34;digitally signed&#34; by a trusted third party&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;A set of protocols developed to support the secure exchange of packets&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;Encrypts both the header and the data portion&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;A numbered set of PKI standards that have been defined by the RSA Corporation&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates&#10;Describes in detail how the CA uses and manages certificates

Accepted Answer

The Answer of Digital certificate and SSH and CR and is...

Deck 12: Advanced Cryptography