2.4.13, 1.4.6, 1.4.3

Question 1

What is the aim of a cryptographic attacker?

Answer 1

To decrypt the ciphertext and learn the private key

Question 2

What is a primary benefit of using a key management system (KMS)?

Answer 2

Centralized management of cryptographic keys

Question 3

Which cryptographic tool protects against unauthorized access and tampering by isolating critical processes from the rest of the system?

Answer 3

Secure enclave

Question 4

In which scenarios are secure enclaves commonly used?

Answer 4

Mobile devices and cloud environments

Question 5

The Birthday attack is based on which paradox?

Answer 5

The birthday paradox

Question 6

What is a collision in the context of cryptographic attacks?

Answer 6

When the output of a hashing algorithm is the same for two unique inputs

Question 7

Why are collisions problematic in cryptographic hashing algorithms?

Answer 7

They make it difficult to ensure the integrity of the data

Question 8

What is a downgrade attack in the context of cryptography?

Answer 8

An attack that uses an older version of software to exploit vulnerabilities

Question 9

Why are systems vulnerable to downgrade attacks even if the software is kept up-to-date?

Answer 9

Because newer versions of software may still cooperate with older versions

Question 10

What precaution can users take to mitigate the risk of downgrade attacks?

Answer 10

Keep software up-to-date and monitor for compatibility issues

Question 11

What does PKI stand for?

Answer 11

Public Key Infrastructure

Question 12

What does a Certificate Authority do in PKI?

Answer 12

Issues and vouches for digital certificates

Question 13

What is the purpose of an offline Certificate Authority?

Answer 13

To protect the root certificate

Question 14

What do Registration Authorities (RAs) do in PKI?

Answer 14

Verify the user’s identity before certificate issuance

Question 15

What is the purpose of a Certificate Revocation List?

Answer 15

To manage the revocation process

Question 16

What is the purpose of Digital Certificate Extensions?

Answer 16

To specify additional items protected by a single certificate

Question 17

What is a common field in PKI certificates that describes the certificate owner?

Answer 17

CN

Question 18

What is the purpose of a root certificate in PKI?

Answer 18

To initiate the PKI infrastructure

Question 19

Which protocol do browsers use to check the status of certificates after revocation?

Answer 19

OCSP

Question 20

What is the primary function of Extended Validation (EV) certificates?

Answer 20

To perform additional checks on the recipient

Question 21

How does the use of Wildcard domain certificates differ from other certificates?

Answer 21

They are valid for all names associated with a domain

Question 22

In what scenario might a business consider creating self-signed certificates?

Answer 22

For encrypting internal emails

Question 23

What is the primary function of a Trusted Platform Module (TPM)?

Answer 23

Secure cryptographic operations and key storage

Question 24

Which cryptographic tool is a dedicated hardware device or module designed to generate, store, and manage cryptographic keys securely?

Answer 24

HSM

Question 25

What does a key management system (KMS) facilitate?

Answer 25

Secure handling of cryptographic keys throughout their lifecycle

Question 26

What is the purpose of a secure enclave?

Answer 26

To provide a secure environment for executing sensitive operations and storing cryptographic keys

Question 27

Where is a Trusted Platform Module (TPM) typically embedded?

Answer 27

In a computer’s motherboard

Question 28

Which industry commonly uses Hardware Security Modules (HSMs) due to stringent security requirements?

Answer 28

Financial institutions

Question 29

What function does a Trusted Platform Module (TPM) commonly support?

Answer 29

Attestation