Question 1

What is the name for an organization that receives, authenticates, and processes certificate revocation requests?&#10;A)Registration Authority&#10;B)Certificate Authority&#10;C)Repudiation Authority&#10;D)Intermediate Authority

Accepted Answer

A Registration Authority (RA) is responsible for receiving certificate revocation requests and authenticating them before passing them on to the Certificate Authority (CA) for processing. The RA is an intermediate authority between the end-user and the CA, and its role is to ensure that the requests are valid and come from authorized sources.

Question 2

A framework for all of the entities involved in digital certificates for digital certificate management is known as:&#10;A)Public key infrastructure&#10;B)Network key infrastructure&#10;C)Private key infrastructure&#10;D)Shared key infrastructure

Accepted Answer

Public key infrastructure (PKI) is a framework that enables secure communication over the internet through the use of digital certificates. It involves the use of a public key to encrypt and a private key to decrypt messages. PKI includes all the entities that are involved in digital certificate management, such as certificate authorities, registration authorities, and end-users.

Question 3

What protocol, developed by Netscape in 1994, is designed to create an encrypted data path between a client and server that could be used on any platform or operating system?&#10;A)SSL&#10;B)TLS&#10;C)PEAP&#10;D)EAP

Accepted Answer

SSL (Secure Socket Layer) was developed by Netscape in 1994 and is designed to create an encrypted data path between a client and server that could be used on any platform or operating system. TLS (Transport Layer Security) is a newer version of SSL and essentially serves the same purpose, but with improvements in security and performance. PEAP (Protected Extensible Authentication Protocol) and EAP (Extensible Authentication Protocol) are authentication protocols and not related to encryption of data paths.

Question 4

A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?&#10;A)Certificate practice statement (CPS)&#10;B)Certificate policy (CP)&#10;C)Lifecycle policy (LP)&#10;D)Access policy (AP)

Accepted Answer

A certificate practice statement (CPS) is a document that outlines the policies, practices, and procedures that a Certification Authority (CA) follows in issuing and managing digital certificates. The CPS typically includes information on how end users can register for and obtain certificates, as well as measures that the CA uses to ensure the security and validity of the certificates.

Question 5

Why is IPsec considered to be a transparent security protocol?&#8203;&#10;A)&#8203;IPsec packets can be viewed by anyone&#10;B)&#8203;IPsec is designed to not require modifications of programs, or additional training, or additional client setup&#10;C)&#8203;IPsec's design and packet header contents are open sourced technologies&#10;D)&#8203;IPsec uses the Transparent Encryption (TE) algorithm

Accepted Answer

IPsec is considered a transparent security protocol because it is designed to not require modifications of programs, additional training, or additional client setup. This means that it can be seamlessly integrated into existing networks without disrupting operations or requiring significant changes to the infrastructure.

Question 6

What kind of certificate is typically used by an individual to secure e-mail transmissions?&#10;A)Private digital&#10;B)Personal digital&#10;C)Public digital&#10;D)Server digital

Accepted Answer

A personal digital certificate is typically used by an individual to secure their email transmissions. It is issued to an individual, rather than an organization or a server, and is used for encrypting and digitally signing emails. Private digital certificates are not typically used for email security, and server digital certificates are used to secure communication between a server and client, not individual email transmissions. Public digital certificates are used to verify the authenticity of a website, not for email security.

Question 7

&#8203;Select below the secure alternative to the telnet protocol:&#10;A)&#8203;HTTPS&#10;B)&#8203;TLS&#10;C)&#8203;IPsec&#10;D)&#8203;SSH

Accepted Answer

SSH (Secure Shell) is a secure alternative to telnet that provides encrypted communication, authentication, and integrity checking of messages. HTTPS (HyperText Transfer Protocol Secure) is used for secure communication over the internet, but it is not a replacement for telnet as it is typically used for web browsing. TLS (Transport Layer Security) and IPsec (Internet Protocol Security) are also used for securing communication, but they do not directly replace telnet.

Question 8

Digital signatures actually only show that the public key labeled as belonging to the person was used to encrypt the digital signature.

Accepted Answer

Digital signatures are used to verify the authenticity of a digital message or document. They work by encrypting the message or document using the private key of the sender. The recipient of the message or document can then use the sender's public key to decrypt the message or document and verify that it was sent by the sender.

Question 9

Because of the limitations of a hierarchical trust model, what type of trust model is used for CAs on the Internet?&#10;A)third-party trust&#10;B)related trust&#10;C)managed trust&#10;D)distributed trust

Accepted Answer

The limitations of a hierarchical trust model led to the adoption of a distributed trust model for CAs on the Internet. In this model, multiple CAs are trusted and share certificates with each other, creating a web of trust. This allows for greater flexibility and redundancy in the system, reducing the risk of a single point of failure.

Question 10

Select below the type of certificate that is often issued from a server to a client, with the purpose of ensuring the authenticity of the server:&#10;A)Personal digital&#10;B)Public digital&#10;C)Private digital&#10;D)Server digital

Accepted Answer

The type of certificate that is often issued from a server to a client, with the purpose of ensuring the authenticity of the server is a server digital certificate. This type of certificate verifies the identity of the server and ensures that the communication between the server and client is secure.

Question 11

What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?&#10;A)bridge trust&#10;B)distributed trust&#10;C)third-party trust&#10;D)transitive trust

Accepted Answer

The answer of What type of trust model has a...

Question 12

What type of cryptographic algorithm can be used to ensure the integrity of a file's contents?&#10;A)Blocking&#10;B)Hashing&#10;C)Encrypting&#10;D)Cloning

Accepted Answer

The answer of What type of cryptographic algorithm can be...

Question 13

The process by which keys are managed by a third party, such as a trusted CA, is known as?&#10;A)Key escrow&#10;B)Key destruction&#10;C)Key renewal&#10;D)Key management

Accepted Answer

The answer of The process by which keys are managed...

Question 14

&#8203;SSL and TLS keys of what length are generally considered to be strong?&#10;A)&#8203;128&#10;B)&#8203;1024&#10;C)&#8203;2048&#10;D)&#8203;4096

Accepted Answer

The answer of &#8203;SSL and TLS keys of what length...

Question 15

The vulnerability discovered in IPsec in early 2014 was nicknamed Heartbleed, due to an issue with a heartbeat extension in the protocol.

Accepted Answer

The answer of The vulnerability discovered in IPsec in early...

Question 16

The Encapsulating Security Payload (ESP) protocol ensures IPsec's confidentiality.&#8203;

Accepted Answer

The answer of The Encapsulating Security Payload (ESP) protocol ensures...

Question 17

Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.

Accepted Answer

The answer of Public keys can be stored by embedding...

Question 18

The Authentication Header (AH) protocol is a part of what encryption protocol suite below?&#8203;&#10;A)&#8203;TLS 3.0&#10;B)&#8203;IPSec&#10;C)GPG&#10;D)&#8203;SSL

Accepted Answer

The answer of The Authentication Header (AH) protocol is a...

Question 19

Digital certificates cannot be used to identify objects other than users.

Accepted Answer

The answer of Digital certificates cannot be used to identify...

Question 20

What protocol below supports two encryption modes: transport and tunnel?&#10;A)HTTPS&#10;B)IPSec&#10;C)SSL&#10;D)TLS

Accepted Answer

The answer of What protocol below supports two encryption modes:...

Question 21

Key ____________________ dates prevent an attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time.

Accepted Answer

The answer of Key ____________________ dates prevent an attacker who...

Question 22

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A technology used to associate a user's identity to a public key, in which the user's public key is digitally signed by trusted third party.

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 23

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 24

A(n) ____________________ trust model can be used in an organization where one CA is responsible for only the digital certificates for that organization.

Accepted Answer

The answer of A(n) ____________________ trust model can be used...

Question 25

Select below the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:&#10;A)Registration Authority&#10;B)Delegation Authority&#10;C)Certification Authority&#10;D)Participation Authority

Accepted Answer

The answer of Select below the term that is used...

Question 26

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A trust model with one CA that acts as a facilitator to interconnect all other CAs

فتح الحزمة

افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.

فتح الحزمة

k this deck

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 27

At what stage can a certificate no longer be used for any type of authentication?&#10;A)creation&#10;B)suspension&#10;C)revocation&#10;D)expiration

Accepted Answer

The answer of At what stage can a certificate no...

Question 28

In the SSH suite, the ____________________ command allows a user to copy files between remote computers.
Match the following terms to the appropriate definitions.
a.Bridge trust model
b.Certificate Authority (CA)
c.Certificate Repository
d.Digital certificate
e.Distributed trust model

Accepted Answer

The answer of In the SSH suite, the ____________________ command...

Question 29

When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established?&#10;A)web of&#10;B)mutual&#10;C)third-party&#10;D)distributed

Accepted Answer

The answer of When two individuals trust each other because...

Question 30

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A technology used to associate a user's identity to a public key, in which the user's public key is digitally signed by trusted third party.

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 31

Using what mechanism below can the non-repudiation of an e-mail and its content be enforced?&#10;A)Symmetric encryption&#10;B)Private encryption&#10;C)Asymmetric encryption&#10;D)Elliptic encryption

Accepted Answer

The answer of Using what mechanism below can the non-repudiation...

Question 32

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A technology used to associate a user's identity to a public key, in which the user's public key is digitally signed by trusted third party.

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 33

What cryptographic transport algorithm is considered to be significantly more secure than SSL?&#10;A)AES&#10;B)HTTPS&#10;C)ESSL&#10;D)TLS

Accepted Answer

The answer of What cryptographic transport algorithm is considered to...

Question 34

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 35

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A technology used to associate a user's identity to a public key, in which the user's public key is digitally signed by trusted third party.

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 36

In the SSH suite, the ____________________ command allows a user to log on to a remote computer.

Accepted Answer

The answer of In the SSH suite, the ____________________ command...

Question 37

A sensitive connection between a client and a web server uses what class of certificate?&#10;A)Class 1&#10;B)Class 2&#10;C)Class 3&#10;D)Class 4

Accepted Answer

The answer of A sensitive connection between a client and...

Question 38

____________________ may be defined as confidence in or reliance on another person or entity.

Accepted Answer

The answer of ____________________ may be defined as confidence in...

Question 39

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
Symmetric keys to encrypt and decrypt information exchanged during a handshake session between a web browser and web server

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 40

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 41

List two requirements for verification of an EV SSL.

Accepted Answer

The answer of List two requirements for verification of an...

Question 42

List the four stages of a certificate life cycle.

Accepted Answer

The answer of List the four stages of a certificate...

Question 43

List the three PKI trust models that use a CA.

Accepted Answer

The answer of List the three PKI trust models that...

Question 44

Explain how digital certificates are managed.

Accepted Answer

The answer of Explain how digital certificates are managed....

Question 45

Discuss the three areas of protection that are provided by IPsec.

Accepted Answer

The answer of Discuss the three areas of protection that...

Question 46

Explain the difference between key revocation versus key suspension.

Accepted Answer

The answer of Explain the difference between key revocation versus...

Question 47

List and describe the entities for which IPsec is transparent.

Accepted Answer

The answer of List and describe the entities for which...

Question 48

List three general duties of a CA.

Accepted Answer

The answer of List three general duties of a CA....

Question 49

Match the following terms to the appropriate definitions.
a. Bridge trust model
b. Certificate Authority (CA)
c. Certificate Repository
d. Digital certificate
e. Distributed trust model
f. key escrow
g. Public key Infrastructure (PKI)
h. Session keys
i. Third-party trust
j. Trust model
Symmetric keys to encrypt and decrypt information exchanged during a handshake session between a web browser and web server

Accepted Answer

The answer of Match the following terms to the appropriate...

Question 50

Identify the general duties of an RA.

Accepted Answer

The answer of Identify the general duties of an RA....

Deck 6: Advanced Cryptography