2.4.13, 1.4.6, 1.4.3 Flashcards
What is the aim of a cryptographic attacker?
To decrypt the ciphertext and learn the private key
What is a primary benefit of using a key management system (KMS)?
Centralized management of cryptographic keys
Which cryptographic tool protects against unauthorized access and tampering by isolating critical processes from the rest of the system?
Secure enclave
In which scenarios are secure enclaves commonly used?
Mobile devices and cloud environments
The Birthday attack is based on which paradox?
The birthday paradox
What is a collision in the context of cryptographic attacks?
When the output of a hashing algorithm is the same for two unique inputs
Why are collisions problematic in cryptographic hashing algorithms?
They make it difficult to ensure the integrity of the data
What is a downgrade attack in the context of cryptography?
An attack that uses an older version of software to exploit vulnerabilities
Why are systems vulnerable to downgrade attacks even if the software is kept up-to-date?
Because newer versions of software may still cooperate with older versions
What precaution can users take to mitigate the risk of downgrade attacks?
Keep software up-to-date and monitor for compatibility issues
What does PKI stand for?
Public Key Infrastructure
What does a Certificate Authority do in PKI?
Issues and vouches for digital certificates
What is the purpose of an offline Certificate Authority?
To protect the root certificate
What do Registration Authorities (RAs) do in PKI?
Verify the user’s identity before certificate issuance
What is the purpose of a Certificate Revocation List?
To manage the revocation process
What is the purpose of Digital Certificate Extensions?
To specify additional items protected by a single certificate
What is a common field in PKI certificates that describes the certificate owner?
CN
What is the purpose of a root certificate in PKI?
To initiate the PKI infrastructure
Which protocol do browsers use to check the status of certificates after revocation?
OCSP
What is the primary function of Extended Validation (EV) certificates?
To perform additional checks on the recipient
How does the use of Wildcard domain certificates differ from other certificates?
They are valid for all names associated with a domain
In what scenario might a business consider creating self-signed certificates?
For encrypting internal emails
What is the primary function of a Trusted Platform Module (TPM)?
Secure cryptographic operations and key storage
Which cryptographic tool is a dedicated hardware device or module designed to generate, store, and manage cryptographic keys securely?
HSM
What does a key management system (KMS) facilitate?
Secure handling of cryptographic keys throughout their lifecycle
What is the purpose of a secure enclave?
To provide a secure environment for executing sensitive operations and storing cryptographic keys
Where is a Trusted Platform Module (TPM) typically embedded?
In a computer’s motherboard
Which industry commonly uses Hardware Security Modules (HSMs) due to stringent security requirements?
Financial institutions
What function does a Trusted Platform Module (TPM) commonly support?
Attestation