ISC2 - Study Notes 26

Question 1

PGP, GPG, and OpenPGP support a web of trust. Current implementations of PGP can also use a public key infrastructure to retrieve and validate certificates.

Answer 1

Info

Question 2

allows organizations with a private PKI and private CA to trust entities in another private PKI.

Answer 2

Cross-certification

Question 3

refers to creating strong keys. Strong keys are random and of sufficient length that they cannot be guessed.

Answer 3

Key composition

Question 4

refers to periodically replacing an old key with a new key.

Answer 4

Key Rotation

Question 5

attack is possible when the attacker has samples of both plaintext and ciphertext data.

Answer 5

A known-plaintext (or known-text)

Question 6

doesn’t have access to all of the plaintext but either has access to some plaintext or is able to predict plaintext that is included in the ciphertext.

Answer 6

Chosen-Plaintext

Question 7

is an attack where the attacker has only ciphertext for analysis without any useful information about the plaintext data.

Answer 7

Ciphertext-Only Attack

Question 8

A (host) record Resolves a host name to an ???

Answer 8

IPv4 Address

Question 9

AAAA (host) record Resolves a host name to an ???

Answer 9

IPv6 Address

Question 10

PTR (pointer) record Resolves an IP address to a ???

Answer 10

host name