N2K - Flash Cards - General Security Concepts - Explain the importance of using appropriate cryptographic solutions
Which type of encryption can encrypt an entire drive or series of drives?
Volume-Level
Which key-pair key should be encrypted and protected with a password when stored?
A private key
Which type of key management does Secure Multipurpose Internet Mail Extensions (S/MIME) use: centralized or decentralized?
Centralized
What are trusted entities issuing digital certificates validating the identity of entities in secure communication?
Certificate Authorities
Which certificates are used to secure multiple websites with a single SSL certificate?
Wildcard Certificates
How many levels up do wildcard certificates support?
Only one level up in the fully qualified domain name (FQDN)
What is the difference between TPM and HSM chips?
Trusted Platform Module (TPM) chips are part of the motherboard. Hardware Security Module (HSM) chips are part of a PCI card that is mounted in a slot on the motherboard.
Which algorithms are asymmetric key algorithms?
Rivest, Shamir, and Adleman (RSA)
Elliptic Curve Cryptosystem (ECC)
Diffie-Hellman
El Gamal
Digital Signature Algorithm (DSA)
Knapsack
What is the default automated key-management protocol for IPSec?
Internet Key Exchange (IKE)
What is the technique of replacing sensitive data with unique identifiers to protect confidentiality during storage or transmission?
Tokenization
What is a TPM?
A dedicated processor that uses cryptographic keys to perform a variety of tasks
What can be described as a distributed database accessible to all participants, recording transactions transparently, like in blockchain technology?
Open Public Ledger
What is the term for unencrypted network traffic?
Cleartext Communication
What is the initial certificate in a hierarchy, ensuring authenticity and integrity of subsequent certificates in secure communications.
Root of Trust
What portion(s) of the IP packet are encrypted in IPSec transport mode?
The payload
Which two chips are used to implement hardware-based encryption?
Trusted Platform Module (TPM) and Hardware Security Module (HSM) chips
What is often found in mobile devices that is an isolated hardware/software environment for processing sensitive data?
Secure Enclave
What is key escrow?
When you maintain a secured copy of a user’s private to ensure that you can recover the lost key
What is the key length used by a one-time pad?
The key length is the same length as the message that is to be encrypted. The message length determines the key length.
How is a digital signature created from a message digest?
It is encrypted using the sender’s private key.
What type of encryption works with individual data entries in a database?
Record-Level
Which public-key algorithm was the first to allow two users to exchange a secret key over an insecure medium without any prior secret keys?
Diffie-Hellman
If Alice wants to encrypt a message using asymmetric encryption that only Bob can read, which key must she use?
Bob’s Public Key
What is a digital proof of identity issued by an entity other than the recipient, facilitating secure online transactions?
Third-Party Certificate
Which component performs peer authentication and key exchange within the Internet Protocol Security (IPSec) protocol?
The Internet Key Exchange (IKE)
Which type of encryption safeguards the structure of a database and its contents?
Database-Level
Which hashing algorithm produces a message digest of 160 bits in length?
Secure Hash Algorithm (SHA-1)
What is the process of concealing original data with fictitious, but realistic, values to preserve usability while protecting sensitive information?
Data Masking
What is the term for the process of hiding data in an image?
Steganography
Certificate enrollment procedures typically require a user to provide proof of identity and which other item to a certification authority (CA)?
Public Key
What is contained within an X.509 CRL?
A list of serial numbers of unexpired or revoked digital certificates that should be considered invalid
Which type of cryptography is more secure: symmetric or asymmetric?
Asymmetric
Which private-key encryption algorithm does Pretty Good Privacy (PGP) use to encrypt data?
International Data Encryption Algorithm (IDEA)
What are the three issues that symmetric data encryption fails to address?
Data Integrity
Repudiation
Scalable Key Distribution