2.4.13, 1.4.6, 1.4.3 Flashcards

1
Q

What is the aim of a cryptographic attacker?

A

To decrypt the ciphertext and learn the private key

2
Q

What is a primary benefit of using a key management system (KMS)?

A

Centralized management of cryptographic keys

3
Q

Which cryptographic tool protects against unauthorized access and tampering by isolating critical processes from the rest of the system?

A

Secure enclave

4
Q

In which scenarios are secure enclaves commonly used?

A

Mobile devices and cloud environments

5
Q

The Birthday attack is based on which paradox?

A

The birthday paradox

6
Q

What is a collision in the context of cryptographic attacks?

A

When the output of a hashing algorithm is the same for two unique inputs

7
Q

Why are collisions problematic in cryptographic hashing algorithms?

A

They make it difficult to ensure the integrity of the data

8
Q

What is a downgrade attack in the context of cryptography?

A

An attack that uses an older version of software to exploit vulnerabilities

9
Q

Why are systems vulnerable to downgrade attacks even if the software is kept up-to-date?

A

Because newer versions of software may still cooperate with older versions

10
Q

What precaution can users take to mitigate the risk of downgrade attacks?

A

Keep software up-to-date and monitor for compatibility issues

11
Q

What does PKI stand for?

A

Public Key Infrastructure

12
Q

What does a Certificate Authority do in PKI?

A

Issues and vouches for digital certificates

13
Q

What is the purpose of an offline Certificate Authority?

A

To protect the root certificate

14
Q

What do Registration Authorities (RAs) do in PKI?

A

Verify the user’s identity before certificate issuance

15
Q

What is the purpose of a Certificate Revocation List?

A

To manage the revocation process

16
Q

What is the purpose of Digital Certificate Extensions?

A

To specify additional items protected by a single certificate

17
Q

What is a common field in PKI certificates that describes the certificate owner?

18
Q

What is the purpose of a root certificate in PKI?

A

To initiate the PKI infrastructure

19
Q

Which protocol do browsers use to check the status of certificates after revocation?

20
Q

What is the primary function of Extended Validation (EV) certificates?

A

To perform additional checks on the recipient

21
Q

How does the use of Wildcard domain certificates differ from other certificates?

A

They are valid for all names associated with a domain

22
Q

In what scenario might a business consider creating self-signed certificates?

A

For encrypting internal emails

23
Q

What is the primary function of a Trusted Platform Module (TPM)?

A

Secure cryptographic operations and key storage

24
Q

Which cryptographic tool is a dedicated hardware device or module designed to generate, store, and manage cryptographic keys securely?

25
Q

What does a key management system (KMS) facilitate?

A

Secure handling of cryptographic keys throughout their lifecycle

26
Q

What is the purpose of a secure enclave?

A

To provide a secure environment for executing sensitive operations and storing cryptographic keys

27
Q

Where is a Trusted Platform Module (TPM) typically embedded?

A

In a computer’s motherboard

28
Q

Which industry commonly uses Hardware Security Modules (HSMs) due to stringent security requirements?

A

Financial institutions

29
Q

What function does a Trusted Platform Module (TPM) commonly support?

A

Attestation