Chapter 4

Question 1

Which of the following is NOT a method for strengthening a key?

Randomness
Cryptoperiod
Length
Variability

Answer 1

Variability

Question 2

Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted?

Electronic Code Book (ECB)
Galois/Counter (GCM)
Counter (CTR)
Cipher Block Chaining (CBC)

Answer 2

Cipher Block Chaining (CBC)

Question 3

What entity calls in crypto modules to perform cryptographic tasks?

Answer 3

crypto service provider

Question 4

__________ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.

Answer 4

session keys

Question 5

Which of these is considered the strongest cryptographic transport protocol?

TLS v1.2
TLS v1.0
SSL v2.0
SSL v2.0

Answer 5

TLS v1.2

Question 6

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) __________.

Answer 6

digital certificate

Question 7

A digital certificate associates __________.

Answer 7

a user’s private key with the public key

Question 8

Digital certificates can be used for each of these EXCEPT __________.

to verify the authenticity of the Registration Authorizer
to encrypt channels to provide secure communication between clients and servers
to verify the identity of clients and servers on the Web
to encrypt messages for secure email communications

Answer 8

to verify the authenticity of the Registration Authorizer

Question 9

An entity that issues digital certificates is a __________.

Answer 9

certificate authority (CA)

Question 10

A centralized directory of digital certificates is called a(n) __________.

Answer 10

Certificate Repository (CR)

Question 11

__________ performs a real-time lookup of a digital certificate’s status.

Answer 11

Online Certificate Status Protocol (OCSP)

Question 12

What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest?

Answer 12

Salt

Question 13

Which digital certificate displays the name of the entity behind the website?

Answer 13

Extended Validation (EV) Certificate

Question 14

Which trust model has multiple CAs, one of which acts as a facilitator?

Answer 14

Bridge

Question 15

Which statement is NOT true regarding hierarchical trust models?

It is designed for use on a large scale.
The root signs all digital certificate authorities with a single key.
It assigns a single hierarchy with one master CA.
The master CA is called the root.

Answer 15

It is designed for use on a large scale.

Question 16

Public key infrastructure (PKI) __________.

generates public/private keys automatically
creates private key cryptography
is the management of digital certificates
requires the use of an RA instead of a CA

Answer 16

is the management of digital certificates

Question 17

A(n) __________ is a published set of rules that govern the operation of a PKI.

Answer 17

certificate policy (CP)

Question 18

Which of these is NOT part of the certificate life cycle?

Expiration
Revocation
Authorization
Creation

Answer 18

Authorization

Question 19

__________ refers to a situation in which keys are managed by a third party, such as a trusted CA.

Answer 19

Key escrow

Question 20

__________ is a protocol for securely accessing a remote computer.

Answer 20

Secure Shell (SSH)