Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

BYU-i CIT270 2021 > Module 7 > Flashcards

Module 7 Flashcards

1
Q

Which is an IPsec protocol that authenticates that packets received were sent from the source?

  • AH
  • PXP
  • DER
  • CER
A

Authentication Header (AH) protocol.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the name of the device protected by a digital certificate?
-RCR

  • V2X2
  • CN
  • TLXS
A

The common name (CN)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the strongest technology that would assure Alice that Bob is the sender of a message?

  • Digital signature
  • Encrypted signature
  • Digital certificate
  • Digest
A

Digital certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which is the first step in a key exchange?

  • The web browser sends a message (“ClientHello”) to the server.
  • The web browser verifies the server certificate.
  • The browser generates a random value (“pre-master secret”).
  • The web server sends a message (“ServerHello”) to the client.
A

The web browser sends a message (“ClientHello”) to the server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need?

  • Root
  • Domain validation
  • Extended validation
  • Website validation
A

Domain validation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following is the earliest and most general cryptographic protocol?

  • SSL
  • HTTPS
  • SSH
  • TLS
A

secure sockets layer (SSL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message’s sender is, in fact, John?
-Public key

  • Physical signature
  • Digital signature
  • Digital certificate
A

Digital certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following digital certificates are self-signed and do not depend on the higher-level certificate authority (CA) for authentication?
-Root digital certificates

  • Intermediate digital certificates
  • User digital certificates
  • Domain digital certificates
A

Root digital certificates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following protocols are used to secure HTTP?

  • TLS and SRTP
  • SSH and SSL
  • TLS and SSH
  • TLS and SSL
A

Transport layer security (TLS) and the older secure sockets layer (SSL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following is a process where a private key is split into two halves, encrypted, and stored separately for future use?

  • Revocation
  • Escrow
  • Renewal
  • Destruction
A

Escrow is a process in which keys are managed by a trusted third party.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You have been asked to implement a block cipher mode of operation that requires both the sender and receiver of the message to have access to a synchronous counter that adds an AAD to the transmission. Which operating block cipher mode should you use?

  • ECB
  • CBC
  • CTR
  • GCM
A

GCM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following provides confidentiality services?

  • Authentication mode
  • Transport mode
  • Stream cipher mode
  • Unauthentication mode
A

Unauthentication mode

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following is defined as a structure for governing all the elements involved in digital certificate management?

  • Web of trust model
  • PKI
  • M-of-N control
  • CA
A

Public key infrastructure (PKI) is an underlying infrastructure for key management of public keys and digital certificates governing all the elements involved in the digital certificate management-including hardware, software, people, policies, and procedures-to create, store, distribute, and revoke digital certificates. PKI is digital certificate management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Malik and Chris are shopping for shoes on an e-commerce website and need to enter their credit card details. Which of the following can assure them that they are using the retailer’s authentic website and not an imposter’s look-alike site that will steal their credit card details?

  • Digital signature
  • Hash digest
  • SSL
  • Digital certificate
A

Digital certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following is a combination of encryption, authentication, and MAC algorithms, like a collection of instructions on securing a network?

  • TLS
  • Cipher suite
  • Stream cipher
  • SSH
A

Cipher suite is a named combination of the encryption, authentication, and message authentication code (MAC) algorithms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How is confidentiality achieved through IPsec?

  • ESP
  • AHA
  • ISAKMP
  • AuthX
A

Encapsulating Security Payload (ESP) is an IPsec protocol that encrypts packets.

17
Q

Who verifies the authenticity of a CSR?

  • Signature authority
  • Registration authority
  • Certificate authority
  • Certificate signatory
A

A user electronically signs the CSR by affixing her public key and then sends it to a REGISTRATION AUTHORITY that is responsible for verifying the credentials of the applicant.

18
Q

Which of the following can a digital certificate NOT be used for?

  • To encrypt messages for secure email communications
  • To encrypt channels to provide secure communication between clients and servers
  • To verify the authenticity of the CA
  • To verify the identity of clients and servers on the Web
A

To verify the authenticity of the CA

19
Q

What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection?

  • Certificate attributes
  • Electronic Code Book (ECB) repositories
  • CTR
  • PFX
A

Certificate attributes

20
Q

Which of the following is defined as a structure for governing all the elements involved in digital certificate management?

  • Web of trust model
  • CA
  • PKI
  • M-of-N control
A

PKI

21
Q

Amtel University decides to keep a record of their student data in a backup server. The administrator contacts you to identify the right command interface protocol to be used in this. Which command interface protocol should you advise?

  • TLS
  • HTTPS
  • SSL
  • SSH
A

Secure shell (SSH) is an encrypted alternative to the Telnet protocol used to access remote computers

22
Q

Samira is developing a virtual private chat application for ABC Consulting. The following are requirements provided by the organization while making the application:

  1. All the communications should happen within the same network, host-to-host.
  2. The information shared through this app should be kept confidential. Hence, the whole IP packet should be encrypted, giving access to only authorized personnel.
  3. There should be a private network for host-to-host communication

Which of the following modes should Sara consider for encryption in this project?

  • Tunnel mode
  • Counter mode
  • GCM mode
  • Transport mode
A

Tunnel mode encrypts the whole IP packet, including the header and the data portion.
It also enables host-to-host communication. Hence, this is the best encryption mode to use.

23
Q

During an investigation, it was found that an attacker did the following:
Intercepted the request from the user to the server and established an HTTPS connection between the attacker’s computer and the server while having an unsecured HTTP connection with the user. This gave the attacker complete control over the secure webpage.
Which protocol helped facilitate this attack?

  • S/MIME
  • SSL
  • SSH
  • ECB
A

SSL

24
Q

Which of the following terms best describes the process in which a user believes that the browser connection they are using is secure and the data sent is encrypted when in reality, the connection is insecure, and the data is sent in plaintext?

  • SSL stripping
  • SQL injection
  • API attack
  • Revocation
A

SSL stripping

25
Q

Alliance Consulting, a company based in France, is shutting down. Louis, the owner of the company, applied to revoke his digital certificate. He is very busy with the other details of shutting the company down and needs to be able to check the certificate’s status quickly and easily. Which of the following will help him get a real-time lookup of the certificate’s status?

  • CRL
  • CSR
  • OCSP
  • EV
A

OCSP

26
Q
  1. What entity calls in crypto modules to perform cryptographic tasks?

a. Certificate Authority (CA)
b. Crypto service provider
c. Intermediate CA
d. OCSP

A

b. Crypto service provider

27
Q

_________________ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.

a. Digital digests
b. Encrypted signatures
c. Session keys
d. Digital certificates

A

c. Session keys

28
Q

A centralized directory of digital certificates is called a(n) _________________.

a. Digital signature permitted authorization (DSPA)
b. Authorized digital signature (ADS)
c. Digital signature approval list (DSAP)
d. Certificate repository (CR)

A

d. Certificate repository (CR)

29
Q

What is the purpose of certificate chaining?

a. To ensure that a web browser has the latest root certificate updates
b. To look up the name of intermediate RA
c. To group and verify digital certificates
d. To hash the private key

A

c. To group and verify digital certificates

30
Q

Which of the following is NOT a means by which a newly approved root digital certificate is distributed?

a. Pinning
b. OS updates
c. Application updates
d. Web browser updates

A

c. Application updates

31
Q

Which block cipher mode of operating requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged?

a. CTR
b. CN
c. CD
d. CXL

A

a. CTR

32
Q

Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say?

a. The users’ symmetric key with the public key
b. The users’ public key with their private key
c. The users’ identity with their public key
d. A private key with a digital signature

A

c. The users’ identity with their public key

33
Q

What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption?

a. .P7B
b. .cer
c. .P12
d. .xdr

A

a. .P7B

34
Q
  1. Which refers to a situation in which keys are managed by a third party, such as a trusted CA?

a. Key authorization
b. Key escrow
c. Remote key administration
d. Trusted key authority

A

b. Key escrow

35
Q

Which is a protocol for securely accessing a remote computer in order to issue a command?

a. Transport Layer Security (TLS)
b. Secure Shell (SSH)
c. Secure Sockets Layer (SSL)
d. Secure Hypertext Transport Protocol (SHTTP)

A

b. Secure Shell (SSH)

BYU-i CIT270 2021 (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions