Public Key Infrastructure Flashcards

1
Q

An entire system of hardware, software, policies, procedures, and people
that is based on asymmetric encryption

A

Public Key Infrastructure (PKI)

2
Q

Digitally-signed electronic documents that bind a public key with a user’s
identity

A

Certificates

3
Q

Standard used in PKI for digital certificates that contains the owner/user’s
information and the certificate authority’s information

A

X.509

4
Q

Allow all of the subdomains to use the same public key certificate and
have it displayed as valid

A

Wildcard Certificates

5
Q

Allows a certificate owner to specify additional domains and IP addresses
to be supported

A

Subject Alternative Name (SAN)

6
Q

The original ruleset governing the encoding of data structures for
certificates where several different encoding types can be utilized

A

Basic Encoding Rules (BER)

7
Q

A restricted version of the BER that allows the use of only one
encoding type

A

Canonical Encoding Rules (CER)

8
Q

Restricted version of the BER which allows one encoding type and has
more restrictive rules for length, character strings, and how elements of a
digital certificate are stored in X.509

A

Distinguished Encoding Rules (DER)

9
Q

Used to verify information about a user prior to requesting that a
certificate authority issue the certificate

A

Registration Authority

10
Q

The entity that issues certificates to a user

A

Certificate Authority

11
Q

An online list of digital certificates that the certificate authority has
revoked

A

Certificate Revocation List (CRL)

12
Q

A protocol that allows you to determine the revocation status of a digital
certificate using its serial number

A

Online Certificate Status Protocol (OCSP)

13
Q

Allows the certificate holder to get the OCSP record from the server at
regular intervals and include it as part of the SSL or TLS handshake

A

OCSP Stapling

14
Q

Allows an HTTPS website to resist impersonation attacks by presenting a
set of trusted public keys to the user’s web browser as part of the HTTP
header

A

Public Key Pinning

15
Q

Occurs when a secure copy of a user’s private key is held in case
the user accidentally loses their key

A

Key Escrow

16
Q

A specialized type of software that allows the restoration of a lost
or corrupted key to be performed

A

Key Recovery Agent

17
Q

A decentralized trust model that addresses issues associated with the
public authentication of public keys within a CA-based PKI system

A

Web of Trust