Chapter 6

Question 1

What protocol used to authenticate remote access users with smart cards?

Answer 1

EAP-TLS

Question 2

What EAP type offers support for legacy authentication protocols such as PAP, CHAP, MS-CHAP or MS-CHAPv2?

Answer 2

EAP-TTLS

Question 3

How many characters in a passphrase for WPA2- Personal security?

Answer 3

8 characters

Question 4

What cipher blocks are restricted to 64 bit block sizes?

Answer 4

DES and 3DES

Question 5

What is a supplicant?

Answer 5

Software application installed on an end users computer

Question 6

What EAP type uses three phase operation?

Answer 6

EAP-FAST

Question 7

What does the SSL connection setup process look like?

Answer 7

Client creates session key and encrypts with servers public key

Question 8

What two items are found within a digital certificate?

Answer 8

Serial Number, and Public Key

Question 9

In an 802.1x implementation, what devices mutually authenticate with each other?

Answer 9

Authentication Server and Supplicant

Question 10

What is a trust model?

Answer 10

Collection of rules that informs applications as to how to decide the validity of a digital certificate.

Question 11

What EAP type uses the concepts of public key infrastructure (PKI)?

Answer 11

EAP-TLS

Question 12

What is a captive portal?

Answer 12

A web page where the user must view and agree to the terms before access to the network is granted. Seen in airports.

Question 13

What encryption type offers easy key exchange and key management?

Answer 13

Asymmetric

Question 14

Which of the following types of device are found in a network that supports Wi-Fi Protected Setup (WPS) protocol

Answer 14

Registrar, Enrollee, Access Point

Question 15

What is PKCS #12?

Answer 15

File that contains both private key and X.509 certificate.

Question 16

What is PKCS #1?

Answer 16

Defines mathematical properties and format of RSA public and private keys

Question 17

What is PKCS #3?

Answer 17

Cryptographic protocol that allows two parties to jointly establish a share key over an insecure network.

Question 18

What is PKCS #7?

Answer 18

Used to sign and or encrypt messages within a PKI

Question 19

How many effective key sizes of bits does 3DES have?

Answer 19

56, 112, 168

Question 20

Which of the following statements best describes the relationship between a CRL and OSCP?

Answer 20

OCSP is a protocol to check the CRL during a certificate validation process.

Question 21

What is a one time pad?

Answer 21

Stream cipher that encrypts the plain text with a secret random key that is the same length as the plain text.

Question 22

What is Cipher Block Chaining? (CBC)

Answer 22

Uses feedback info to ensure the current block ciphertext differs from other blocks even if the same data is being encrypted.

Question 23

What is Electronic Code Book?

Answer 23

Encrypts each data block individually.

Question 24

What is Galois/Counter Mode? (GCM)

Answer 24

Encrypts data and checks integrity.

Question 25

What is Counter Mode? (CTM)

Answer 25

Similar to CBC except it does not use a random number and does not chain the blocks.

Question 26

Which certificate format is typically used on Windows OS machines to import and export certificates and private keys?

Answer 26

PFX

Question 27

What is PEM?

Answer 27

Used for securing email using public key cryptography

Question 28

What is another name for an ephemeral key?

Answer 28

Session Key

Question 29

Which of the following transpires in a PKI environment?

Answer 29

The CA signs the certificate.

Question 30

AES-CCMP uses a 128-bit temporal key and encrypts data in what block size?

Answer 30

128

Question 31

Which of the following algorithms is typically used to encrypt data-at-rest?

Answer 31

Symmetric

Question 32

What is a registered authority?

Answer 32

Used to verify requests for certificates and forwards responses to the CA.