Chapter 4

What type of trust model is used as the basis for most digital certificates used on the Internet? A. third-party trust B. distributed trust C. related trust D. managed trust

What protocol, developed by Netscape in 1994, is designed to create an encrypted data path between a client and server that could be used on any platform or operating system? A. SSL B. PEAP C. TLS D. EAP

Which of the following certificates are self-signed? A. trusted digital certificates B. web digital certificates C. root digital certificates D. user digital certificate

Which of the following is an input value that must be unique within some specified scope, such as for a given period or an entire session? A. initialization vector B. counter C. salt D. nonce

What block cipher mode of operation encrypts plaintext and computes a message authentication code to ensure that the message was created by the sender and that it was not tampered with during transmission? A. Electronic Code Book B. Counter C. Cipher Block Chaining D. Galois/Counter

Stream ciphers work on multiple characters at a time. True False

Some cryptographic algorithms require that in addition to a key another value can or must be input. True False

Root digital certificates are should never be self-signed. True False

A Subject Alternative Name (SAN) digital certificate, is also known as a Unified Communications Certificate (UCC). True False

Some CAs issue only entry-level certificates that provide domain-only validation. True False

Which digital certificate displays the name of the entity behind the website? A. Online Certificate Status Certificate B. Session Certificate C. Extended Validation (EV) Certificate D. D. X.509 Certificate

A digital certificate associates _____. A. the user's identity with his public key B. a user's public key with his private key C. a user's private key with the public key D. a private key with a digital signature

Which of these is considered the strongest cryptographic transport protocol? A. SSL v2.0 B. SSL v2.0 C. TLS v1.2 D. TLS v1.0

Which of the following is NOT a method for strengthening a key? A. Cryptoperiod B. Randomness C. Variability D. Length

A(n) _____ is a published set of rules that govern the operation of a PKI. A. enforcement certificate (EF) B. signature resource guide (SRG) C. certificate policy (CP) D. certificate practice statement (CPS)

What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs? A. bridge trust B. transitive trust C. third-party trust D. distributed trust

Select the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates: A. Participation Authority B. Delegation Authority C. Registration Authority D. Certification Authority

Select the secure alternative to the telnet protocol: A. HTTPS B. SSH C. TLS D. IPsec

What is a value that can be used to ensure that plaintext, when hashed, will not consistently result in the same digest? A. counter B. initialization vector C. nonce D. salt

Which of the following is a valid way to check the status of a certificate? (Choose all that apply.) A. Online Certificate Status Protocol B. Revocation List Protocol C. Certificate Revocation List D. Certificate Revocation Authority

Digital certificates should last forever. True False

SSL v3.0 served as the basis for TLS v1.0. True False

A certificate repository (CR) is a publicly accessible centralized directory of digital certificates. True False

A user electronically signs a Certificate Signing Request (CSR) by affixing their public key and then sending it to an intermediate certificate authority. True False

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____. A. digital signature B. encrypted signature C. digest D. digital certificate

A(n) _____ is a published set of rules that govern the operation of a PKI. A. signature resource guide (SRG) B. certificate policy (CP) C. enforcement certificate (EF) D. certificate practice statement (CPS)

Which statement is NOT true regarding hierarchical trust models? A. It is designed for use on a large scale. B. The root signs all digital certificate authorities with a single key. C. The master CA is called the root. D. It assigns a single hierarchy with one master CA.

Which digital certificate displays the name of the entity behind the website? A. D. X.509 Certificate B. Extended Validation (EV) Certificate C. Session Certificate D. Online Certificate Status Certificate

An entity that issues digital certificates is a _____. A. Certificate Signatory (CS) B. Signature Authority (SA) C. Certificate Authority (CA) D. Digital Signer (DS)