Chapter 4 Flashcards
Combo: Quiz 4 plus Book End of Chapter Questions
Which of the following is NOT a method for strengthening a key?
a. Randomness
b. Cryptoperiod
c. Length
d. Variability
d. Variability
Which of the following clock ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted?
a. Electronic Code Book (ECB)
b. Galois/Counter (GCM)
c. Counter (CTR)
d. Cipher Block Chaining (CBC)
d. Cipher Block Chaining (CBC)
What entity calls in crypto modules to perform cryptographic tasks?
a. Certificate Authority (CA)
b. OCSP Chain
c. Intermediate CA
d. Cypto service provider
d. Cypto service providerd.
__________ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
a. Encrypted signatures
b. Session keys
c. Digital certificates
d. Digital digests
b. Session keys
Which of these is considered the strongest cryptographic transport protocol?
a. TLS v1.2
b. TLS v1.0
c. SSL v2.0
d. SSL v2.0
a. TLS v1.2
The strongest technology that would assure Alice that Bob is the sender of the message is a(n) __________.
a. digital signature
b. encrypted signature
c. digest
d. digest certificate
a. digital signature
A digital certificate associates __________.
a. a user’s public key with his private key
b. the user’s identity with his public key
c. a user’s private key with the public key
d. a private key with a digital signature
b. the user’s identity with his public key
Digital certificates can be used for each of these EXCEPT __________.
a. to verify the authenticity of the Registration Authorizer.
b. to encrypt channels to provide secure communication between clients and servers
c. to verify the identity of clients and servers on the Web
d. to encrypt messages for secure email communication
a. to verify the authenticity of the Registration Authorizer.
An entity that issues digital certificates is a __________.
a. certificate signatory (CS)
b. digital signer (DN)
c. certificate authority (CA)
d. signature authority (SA)
c. certificate authority (CA)
A centralized directory of digital certificates is called a(n) ___________.
a. Digital Signature Permitted Authorization (DSPA)
b. Digital Signature Approval List (DSAP)
c. Certificate Repository (CR)
d. Authorized Digital Signature (ADS)
c. Certificate Repository (CR)
__________ performs a real-time lookup of a digital certificate’s status.
a. Certificate Revocation List (CRL)
b. Real-Time CA Verification (RTCAV)
c. Online Certificate Status Protocol (OCSP)
d. CA Registry Database (CARD)
c. Online Certificate Status Protocol (OCSP)
_________ is a protocol for securely accessing a remote computer.
a. Transport Layer Security (TLS)
b. Secure Shell (SSH)
c. Secure Sockets layer (SSL)
d. Secure Hypertext Transport Protocol (SHTTP)
b. Secure Shell (SSH)
What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest?
a. Algorithm
b. Initialization vector (IV)
c. Nonce
d. Salt
d. Salt
Which digital certificate displays the name of the entity behind the website?
a. Online Certificate Status Certificate
b. Extended Validation (EV) Certificate
c. Session Certificate
d. X.509 Certificate
b. Extended Validation (EV) Certificate
Which trust model has multiple CAs, one of which acts as a facilitator?
a. Bridge
b. Hierarchical
c. Distributed
d. Web
a. Bridge
Which statement is NOT true regarding hierarchical trust models?
a. It is designed for use on a large scale.
b. The root signals all digital certificate authorities with a signal key.
c. It assigns a single hierarchy with one master CA.
d. The master CA is called the root.
a. It is designed for use on a large scale.
Public key infrastructure (PKI) __________.
a. generates public/private keys automatically
b. creates private key cryptography
c. is the management of digital certificates
d. requires the use of an RA instead of a CA
c. is the management of digital certificates
A(n) __________ is a published set of rules that govern the operation pf a PKI.
a. signature resource guide (SRG)
b. enforcement certificate (EF)
c. certificate practice statement (CPS)
d. certificate policy (CP)
d. certificate policy (CP)
Which of these is NOT part of the certificate life cycle?
a. WXpiration
b. Revocation
c. Authorization
d. Creation
c. Authorization
__________ refers to a situation in which keys are managed by a third party, such as a trusted CA.
a. Key authorization
b. Key escrow
c. Remote key administration
d. Trusted key authority
b. Key escrow
What are three areas of protection provided by IPSEC?
1) authentication
2) confidentiality
3) key management
When two individuals trust each other because of the trust that exists between the indviduals and a separate entity, what type of trust has been established?
a) third-party
b) distributed
c) mutual
d) web of
a) third-party
What is used to create session keys?
a) master secret
b) validation
c) crypto modules
d) domain validation
a) master secret
Stream cipers work on multiple characters at a time.
(T/F)
False