Chapter 6 Flashcards

1
Q

What protocol used to authenticate remote access users with smart cards?

A

EAP-TLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What EAP type offers support for legacy authentication protocols such as PAP, CHAP, MS-CHAP or MS-CHAPv2?

A

EAP-TTLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How many characters in a passphrase for WPA2- Personal security?

A

8 characters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What cipher blocks are restricted to 64 bit block sizes?

A

DES and 3DES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a supplicant?

A

Software application installed on an end users computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What EAP type uses three phase operation?

A

EAP-FAST

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does the SSL connection setup process look like?

A

Client creates session key and encrypts with servers public key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What two items are found within a digital certificate?

A

Serial Number, and Public Key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

In an 802.1x implementation, what devices mutually authenticate with each other?

A

Authentication Server and Supplicant

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a trust model?

A

Collection of rules that informs applications as to how to decide the validity of a digital certificate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What EAP type uses the concepts of public key infrastructure (PKI)?

A

EAP-TLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a captive portal?

A

A web page where the user must view and agree to the terms before access to the network is granted. Seen in airports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What encryption type offers easy key exchange and key management?

A

Asymmetric

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following types of device are found in a network that supports Wi-Fi Protected Setup (WPS) protocol

A

Registrar, Enrollee, Access Point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is PKCS #12?

A

File that contains both private key and X.509 certificate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is PKCS #1?

A

Defines mathematical properties and format of RSA public and private keys

17
Q

What is PKCS #3?

A

Cryptographic protocol that allows two parties to jointly establish a share key over an insecure network.

18
Q

What is PKCS #7?

A

Used to sign and or encrypt messages within a PKI

19
Q

How many effective key sizes of bits does 3DES have?

A

56, 112, 168

20
Q

Which of the following statements best describes the relationship between a CRL and OSCP?

A

OCSP is a protocol to check the CRL during a certificate validation process.

21
Q

What is a one time pad?

A

Stream cipher that encrypts the plain text with a secret random key that is the same length as the plain text.

22
Q

What is Cipher Block Chaining? (CBC)

A

Uses feedback info to ensure the current block ciphertext differs from other blocks even if the same data is being encrypted.

23
Q

What is Electronic Code Book?

A

Encrypts each data block individually.

24
Q

What is Galois/Counter Mode? (GCM)

A

Encrypts data and checks integrity.

25
What is Counter Mode? (CTM)
Similar to CBC except it does not use a random number and does not chain the blocks.
26
Which certificate format is typically used on Windows OS machines to import and export certificates and private keys?
PFX
27
What is PEM?
Used for securing email using public key cryptography
28
What is another name for an ephemeral key?
Session Key
29
Which of the following transpires in a PKI environment?
The CA signs the certificate.
30
AES-CCMP uses a 128-bit temporal key and encrypts data in what block size?
128
31
Which of the following algorithms is typically used to encrypt data-at-rest?
Symmetric
32
What is a registered authority?
Used to verify requests for certificates and forwards responses to the CA.