Applied Cryptography Flashcards
What must be done for internal clients to trust private CA-issued certificates?
Instruction: Choose the option that best answers the question.
Answer Choices
The private CA software must be installed on each client device
The computers must be joined to an Active Directory domain
Each client device must have a smartcard reader
Install the private CA trusted root certificate on each client device
Install the private CA trusted root certificate on each client device
You have configured cryptmount for encrypted file systems in Linux. Which command can you use to view encrypted file systems that are mounted?
Instruction: Choose the option that best answers the question.
Answer Choices
mountcrypt
cryptmount
umount
mount
cryptmount
What is required to allow the enabling of an HTTPS binding?
Instruction: Choose the option that best answers the question.
Answer Choices
The server must be joined to an Active Directory domain
A DNSSEC zone
MFA token
PKI certificate
PKI certificate
You have installed a Windows Private CA, but you do not see the option of working with certificate templates. Why is this?
Instruction: Choose the option that best answers the question.
Answer Choices
Your user account does not have sufficient permissions
Certificate templates must be managed directly in the file system
Certificate templates are not available for private Cas
Your server is not joined to an Active Directory domain
Your server is not joined to an Active Directory domain
Which Linux commands can be used to generate file hashes?
Instruction: Choose all options that best answer the question.
Answer Choices
md5sum
md256sum
sha5sum
sha256sum
md5sum
sha256sum
BitLocker is designed to encrypt which type of objects?
Instruction: Choose the option that best answers the question.
Answer Choices
Cloud resources
Files
Folders
File systems
File systems
Which command line tool can be used to manage EFS?
Result: Incorrect. The correct answer is indicated.
Detailed Results
cipher
Not selected
Correct answer.
chmod
Selected
Incorrect answer.
sudo
Not selected. Not selected is correct.
certutil
Not selected. Not selected is correct.
cipher
Where in Windows can you configure IPSec?
Instruction: Choose all options that best answer the question.
Answer Choices
Certutil
Group Policy
Windows Defender
Cipher
Group Policy
Windows Defender
Which PowerShell cmdlet is used to generate file hashes?
Instruction: Choose the option that best answers the question.
Answer Choices
New-SHA256Hash
Get-FileHash
New-CryptHash
New-MD5Hash
Get-FileHash
You are managing a Windows 11 device. You would like to view existing computer and user certificates installed on the machine. What should you do?
Instruction: Choose the option that best answers the question.
Answer Choices
Run the Get-FileHash PowerShell cmdlet
Open the Group Policy editor and view certificate settings
Start MMC and add the Certificates snapin
Windows 11 does not support PKI certificates
Start MMC and add the Certificates snapin
Which type of Azure resource must you create when configuring a user VPN?
Instruction: Choose the option that best answers the question.
Answer Choices
Resource group
Virtual network gateway
Virtual machine
Web application
Virtual network gateway
You must ensure a highly sensitive internal web site uses PKI client authentication. What must be done on the web server?
Instruction: Choose all options that best answer the question.
Answer Choices
Enable the option to require client PKI certificates
Ensure the web server is configured to use HTTPS
The web server must be configured with a private CA-issued certificate
The web server must be configured with a public CA-issued certificate
Enable the option to require client PKI certificates
Ensure the web server is configured to use HTTPS
