Chapter 04 Quiz – Advanced Cyprography and PKI Flashcards
Questions 22
Question # 01
What term best represents the resiliency of
a cryptographic key to attacks?
a. key bits
b. key resiliency
c. key strength
d. key space
c. key strength
Question # 02
Select the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:
a. Registration Authority
b. Delegation Authority
c. Certification Authority
d. Participation Authority
c. Certification Authority
Question # 03
What kind of digital certificate is typically used to ensure the authenticity of a web server to a client?
a. private
b. web server
c. public web
d. web client
b. web server
Question # 04
What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?
a. bridge trust
b. distributed trust
c. third-party trust
d. transitive trust
a. bridge trust
Question # 05
A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?
a. Certificate practice statement (CPS)
b. Certificate policy (CP)
c. Lifecycle policy (LP)
d. Access policy (AP)
a. Certificate practice statement (CPS)
Question # 06
At what stage can a certificate no longer be used for any type of authentication?
a. creation
b. suspension
c. revocation
d. expiration
d. expiration
Question # 07
What cryptographic transport algorithm is considered to be significantly more secure than SSL?
a. AES
b. HTTPS
c. ESSL
d. TLS
d. TLS
Question # 08
What protocol below supports two encryption modes: transport and tunnel?
a. HTTPS
b. IPSec
c. SSL
d. TLS
b. IPSec
Question # 09
The Authentication Header (AH) protocol is a part of what encryption protocol suite below?
a. TLS 3.0
b. IPSec
c. GPG
d. SSL
b. IPSec
Question # 10
Why is IPSec considered to be a transparent security protocol?
a. IPSec packets can be viewed by anyone
b. IPSec is designed to not require modifications of programs, or additional training, or additional client setup.
c. IPSec’s design and packet header contents are open sourced technologies
d. IPSec uses the Transparent Encryption (TE) algorithm
b. IPSec is designed to not require modifications of programs, or additional training, or additional client setup.
Question # 11
What length SSL and TLS keys are generally considered to be strong?
a. 128
b. 1024
c. 2048
d. 4096
d. 4096
Question # 12
What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately?
a. Electronic Code Book
b. Galois/Counter
c. Cipher Block Chaining
d. Counter
a. Electronic Code Book
Question # 13
What is a value that can be used to ensure that plaintext, when hashed, will not consistently result in the same digest?
a. salt
b. initialization vector
c. counter
d. nonce
a. salt
Question # 14
Which of the following is an input value that must be unique within some specified scope, such as for a given period or an entire session?
a. salt
b. initialization vector
c. counter
d. nonce
d. nonce
Question # 15
What common method is used to ensure the security and integrity of a root CA?
a. Keep it in an offline state from the network.
b. Only use the root CA infrequently.
c. Password protect the root CA
d. Keep it in an online state and encrypt it.
a. Keep it in an offline state from the network.
