Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CASP+ > Chapter 12 PKI > Flashcards

Chapter 12 PKI Flashcards

1
Q

ACME needs to request a new website certificate. Where will they send the request (in the first instance)?

A. Root CA
B. Subordinate/intermediate CA
C. RA
D. CRL

A

C. RA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Software engineers are developing a new customer relationship management tool. They need to ensure customers will be able to verify the code is trustworthy. What type of certificate will they request?

A. Client authentication
B. Server authentication
C. Digital Signatures
D. Code Signing

A

D. Code Signing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Web developers have created a new customer portal for online banking. They need to ensure their corporate customers are satisfied with the security provisions when connection to the portal. What certificate type should they request for the portal?

A. Wildcard Certificate
B. Extended validation
C. Multi domain
D. General Purpose

A

B. Extended validation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A large e-commerce provider needs to minimize administration by allocating a single certificate to multiple sites. The sites will be country specific, with different domain names. What would be the best choice of certificate to deliver this requirement?

A. Wildcard certificate
B. Extended validation
C. General Purpose
D. SAN

A

D. SAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A multinational airline has a customer booking portal. They need to minimize administration by allocating a single certificate to multiple sites. The sites will provide support for booking, queries and check in. The company registered domain name (WingTip.com) will be used in each case. What would be the best choice of certificate to deliver this requirement?

A. Wildcard certificate
B. Extended validation
C. General Purpose
D. SAN

A

A. Wildcard certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Wingtip Aerospace needs to ensure that certificates can be trusted by government agencies as part of an ongoing collaboration project. What allows the company to be trusted by government employees?

A. Cross certification
B. Chaining
C. Wildcard certificate
D. Extended validation

A

A. Cross certification

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which key is embedded in an X.509 v3 digital certificate?

A. Public
B. Private
C. Digital signature
D. Symmetric

A

A. Public

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A CISO for a large financial company is concerned that criminals may create certs with the same CN as the company, leading to fraudulent activity. What would best protect against this threat?

A. Wildcard certificate
B. Extended validation
C. Certificate pinning
D. Certificate stapling

A

C. Certificate pinning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A large online retailer would like the customer web browsing experience to be low latency, with a speed secure handshake and verification of the website certificate. What would best meet this requirement?

A. Extended validation
B. Certificate pinning
C. Certificate stapling
D. CSR

A

C. Certificate stapling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A user discovers that a colleague has accessed their secure password key and may have made a copy of the private key (stored on the device). What action should security professionals take to mitigate the threat of a key compromise?

A. Publish the public key on the CRL
B. Delete the public and private keys
C. Interview the work colleague
D. Implement disciplinary proceedings against the colleague

A

A. Publish the public key on the CRL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which HTTP extension will ensure that all connections to the banks e-commerce site will always also be encrypted using the assigned X.509 certificate?

A. HTTP X Frame headers
B. HTTP Strict Transport Security (HSTS)
C. HTTP Secure Secure Sockets Layer (SSL) 3.0 Cipher Block Chaining (CBC)
D. Extended Validation

A

B. HTTP Strict Transport Security (HSTS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

When a public key is bundled within the UEFI firmware on a new Windows laptop, what is this termed as?

A. Exposed private keys
B. Crypto shredding
C. Improper key handling
D. Embedded keys

A

D. Embedded keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A criminal has stolen the smartphone of the CEO. They have attempted to guess the PIN code several times, eventually locking the device. After mounting the storage in a lab environment, it is not possible to access the stored data. What has likely prevented a data breach?

A. Embedded keys
B. Exposed private keys
C. Crypto shredding
D. Improper key handling

A

C. Crypto shredding

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Several employees are required to bring their laptops into the office in order to obtain new encryption keys, due to a suspected breach within the department. What is taking place?

A. Rekeying
B. Cryptoshredding
C. Certificate Pinning
D. Cryptographic obfuscation

A

A. Rekeying

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

When an engineer connects to a switch using SSH connection, there is a request to download and trust a new public key cert. There was no such request when connecting from the same computer the previous. What is the likely cause of this request?

A. Compromised keys
B. Exposed private keys
C. Extended validation
D. Key rotation

A

D. Key rotation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CASP+ (36 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions