Ch. 6 Flashcards
A trust model with one CA that acts as a facilitator to interconnect all other CAs
bridge trust model
A trusted third-party agency that is responsible for issuing digital certificates
Certificate Authority (CA)
A publicly accessible directory of digital certificates that can be used to view the status of a digital certificate
Certificate Repository (CR)
A repository that lists revoked digital certificates
Certificate Revocation List (CRL)
A specially formatted encrypted message that validates the information the CA requires to issue a digital certificate
Certificate Signing Request (CSR)
A named combination of the encryption, authentication, and message authentication code (MAC) algorithms that are used with SSL and TLS
cipher suite
A technology used to associate a user’s identity to a public key, in which the user’s public key is digitally signed by a trusted third party
digital certificate
A type of trust model in which a relationship exists between two individuals because one person knows the other person
direct trust
A trust model that has multiple CAs that sign digital certificates
distributed trust model
A trust model that has a single hierarchy with one master CA
hierarchical trust model
A secure version of HTTP sent over SSL or TLS
Hypertext Transport Protocol Security (HTTPS)
A set of protocols developed to support the secure exchange of packets between hosts or networks
Internet Protocol Security (IPsec)
A process in which keys are managed by a third party, such as a trusted CA
key escrow
A highly trusted person responsible for recovering lost or damaged digital certificates
key recovery agent (KRA)
A protocol that performs a real-time lookup of a certificate’s status
Online Certificate Status Protocol (OCSP)
A framework for managing all of the entities involved in creating, storing, distributing, and revoking digital certificates
public key infrastructure (PKI)
A subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users
Registration Authority (RA)
A Linux/UNIX-based command interface and protocol for securely accessing a remote computer
Secure Shell (SSH)
A protocol originally developed by Netscape for securely accessing a remote computer
Secure Sockets Layer (SSL)
Symmetric keys to encrypt and decrypt information exchanged during a handshake session between a web browser and web server
session keys
A trust model in which two individuals trust each other because each individually trusts a third party
third-party trust
A protocol that is more secure than SSL and guarantees privacy and data integrity between applications
Transport Layer Security (TLS)
The type of trust relationship that can exist between individuals or entities
trust model
A ____ is a specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.
a. Certificate Signing Request (CSR)
b. digital digest
c. FQDN form
d. digital certificate
a