ch 14 PKI and Encryption Protocols

Question 1

Internet Protocol Security (IPsec)

Answer 1

ex Security association Authentication header (AH): Encapsulating Security Payload (ESP):

Question 2

SA

Answer 2

his is the establishment of secure connections
and shared security information, using either certificates or cryptographic
keys.

Question 3

AH

Answer 3

This offers integrity and authentication

Question 4

ESP

Answer 4

This provides integrity, confidentiality,

and authenticity of packets.

Question 5

Certificates

Answer 5

are digitally signed electronic documents that bind a public key with a
user identity.

X.509 standard,

Question 6

ca issues certificates

Answer 6

In a PKI system that uses a CA, the CA is known as a trusted third party.
Most PKI systems use a CA. The CA

Question 7

a registration authority (RA)

Answer 7

is used to verify requests for certificates.

If the request is deemed valid, the RA informs the CA to issue the certificate

Question 8

certificate revocation list (CRL)

Answer 8

list of certificates that are no longer valid
or that have been revoked by the issuer.
carry digital signatures to prevent DoS and
spoofing attacks; the CRL is digitally signed by the CA.

Question 9

web of trust

Answer 9

public authentication of public keys common to CA-based PKIs.