Module 10 - Public Key Infrastructure - Q&A Flashcards

1
Q
PKI primarily depends upon the principles of \_\_\_\_\_\_\_\_\_\_.
A. asymmetric cryptography
B. symmetric cryptography
C. hybrid cryptography
D. hashing
A

C. PKI primarily depends upon the principles of hybrid cryptography.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
Which of the following standards dictates digital certificate file format, as well as use and information contained in the file?
A. X. 509
B. PKCS #12
C. X. 500
D. PKCS #7
A

A. The X. 509 standard dictates digital certificate file format, as well as use and information contained in the file.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
If an individual encrypts a message with his own private key, what does this assure?
A. Confidentiality
B. Message authenticity
C. Integrity
D. Availability
A

B. If an individual encrypts a message with his private key, this ensures message authenticity, since he is the only person who could have encrypted it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
Which of the following entities can help distribute the workload of the CA by performing identification and authentication of individual certificate requestors?
A. Subordinate CA
B. Root CA server
C. Authentication Authority
D. Registration Authority
A

D. The Registration Authority (RA) can help distribute the workload of the CA by performing identification and authentication of individual certificate requestors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
Which of the following serves as the master certificate server in an organization?
A. Intermediate CA server
B. Root CA server
C. Subordinate CA server
D. Kerberos KDC
A

B. A root CA server is the master certificate server in an organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
Which of the following is used to get certificate status information from a CA automatically?
A. OCSP
B. CRL
C. Root CA
D. Kerberos authentication protocol
A

A. The Online Certificate Security Protocol (OSCP) is used to get certificate status information from a CA automatically.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
Which of the following events in a certificate lifecycle is only a temporary situation in which a certificate is invalidated for an indefinite period of time and can be restored by the CA at its discretion?
A. Certificate revocation
B. Certificate expiration
C. Certificate suspension
D. Certificate denial
A

C. A certificate suspension is only a temporary situation in which a certificate is invalidated for an indefinite period of time and can be restored by the CA at its discretion.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
Which of the following is an individual or entity that has the ability and authority to use another individual’s private key or a different key to decrypt data that would otherwise be lost?
A. CA
B. Recovery agent
C. Server administrator
D. RA
A

B. The recovery agent is an entity that has the ability and authority to use another individual’s private key or a different key to decrypt data that would otherwise be lost.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
Which of the following certificate trust models is typically found within an organization?
A. Transitive trust model
B. Web-of-trust model
C. Cross-trust model
D. Hierarchical trust model
A

D. A hierarchical trust model is typically found within an organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
Which of the following certificate trust models does not depend on a structured PKI?
A. Web-of-trust model
B. Cross-trust model
C. Transitive trust
D. Hierarchical trust model Answers
A

A. A web-of-trust model does not use a formal PKI and is often found in use between smaller groups of people or individuals.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly