Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ITS > M4: Key establishment and certificate management - C.4 & C.8 > Flashcards

M4: Key establishment and certificate management - C.4 & C.8 Flashcards

1
Q

What is entity authentication?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s the process of verifying the identity of a communicating party.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a session key?

M4: Key establishment and certificate management - C.4 & C.8

A

A session key is a temporary symmetric key used for securing communications during a session.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What’s the difference between key transport and key agreement?

M4: Key establishment and certificate management - C.4 & C.8

A

Key transport involves one party choosing and sending the key, while key agreement involves both parties contributing to the key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is mutual authentication?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s when both parties in a communication prove their identities to each other.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a replay attack?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s when an attacker captures and reuses a message from a previous session to gain unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a reflection attack?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s when an attacker tricks a party into proving its identity to itself, often by replaying messages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a relay attack?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s when an attacker forwards messages between two parties to make them believe they are communicating directly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a middle-person attack?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s when an attacker intercepts and possibly alters the communication between two parties without their knowledge.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the purpose of time-variant parameters (TVPs)?

M4: Key establishment and certificate management - C.4 & C.8

A

TVPs ensure the uniqueness and freshness of protocol messages to prevent replay attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is Diffie-Hellman key agreement?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a method for two parties to establish a shared secret over an insecure channel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

main weakness of basic Diffie Hellman?

M4: Key establishment and certificate management - C.4 & C.8

A

It is vulnerable to middle-person attacks because it doesn’t authenticate the parties.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the Station-to-Station (STS) protocol?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s an extension of Diffie-Hellman that includes authentication using digital signatures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a key distribution center (KDC)?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a trusted server that generates and distributes session keys to parties that don’t share long-term keys.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a key translation center (KTC)?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a server that helps one party encrypt a session key for another party, reducing key distribution complexity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Why is it important to avoid reusing session keys?

M4: Key establishment and certificate management - C.4 & C.8

A

Reusing session keys can make them vulnerable to attacks and increase the risk of key leakage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a public-key certificate?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a data structure that links a public key to an owner, verified by a Certification Authority (CA).

17
Q

Why is the authenticity of a public key important?

M4: Key establishment and certificate management - C.4 & C.8

A

To ensure the public key belongs to the correct owner and prevent misuse by attackers.

18
Q

What role does a Certification Authority (CA) play?

M4: Key establishment and certificate management - C.4 & C.8

A

A CA verifies and signs certificates, asserting the ownership of public keys.

19
Q

What is a Distinguished Name (DN) in a certificate?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a unique identifier for the certificate’s owner, including attributes like Country., Organization, and Common-Name.

20
Q

What is the purpose of the validity period in a certificate?

M4: Key establishment and certificate management - C.4 & C.8

A

It specifies the dates between which the certificate is valid and can be trusted.

21
Q

What is a Certificate Revocation List (CRL)?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a list of certificates that have been revoked before their expiration date, issued by a CA.

22
Q

What is the difference between a CRL and delta CRLs?

M4: Key establishment and certificate management - C.4 & C.8

A

Delta CRLs are updates to a base CRL, making it easier to manage and distribute revocation information.

23
Q

What is the Online Certificate Status Protocol (OCSP)?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a method for checking the real-time status of a certificate’s validity.

24
Q

What is Trust on First Use (TOFU)?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s when a certificate is trusted the first time it’s seen, without prior verification, assuming it’s genuine.

25
Q

What is a trust anchor in PKI?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a pre-trusted public key used to start the validation chain for certificates.

26
Q

What is the purpose of certificate extensions in X.509v3?

M4: Key establishment and certificate management - C.4 & C.8

A

They provide additional information and constraints, like key usage and subject alternate names.

27
Q

What is a bridge CA?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a CA used to connect multiple CA domains, reducing the complexity of cross-certifications.

28
Q

What is a strict CA hierarchy?

M4: Key establishment and certificate management - C.4 & C.8

A

It’s a tree structure of CAs with a single root CA at the top, issuing certificates down the hierarchy.

29
Q

What is the browser trust model?

M4: Key establishment and certificate management - C.4 & C.8

A

Browsers use a list of trusted root CAs to validate server certificates, without cross-certificates between CAs.

30
Q

What is the main challenge with managing long-term private keys?

M4: Key establishment and certificate management - C.4 & C.8

A

Ensuring they are securely stored and protected from offline password-guessing attacks

ITS (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions