Security+ Chapter 7

What is PKIX? - One of the standards used in implementing a public key infrastructure - A method of private cryptography used by the military - A method of encrypting e-mail from the IRS - The method of encryption that uses a 40 bit encryption key

What is PKCS? - One of the standards used in implementing a public key infrastructure - A method of private cryptography used by the military - A method of encrypting e-mail from the IRS - The method of encryption that used a 40 bit encryption key

What is a certificate? - A certificate used to encrypt a message in PKI - A method of certifying the strength of an encryption key - A digital document that is used to verify the owner's identity - A certificate used in changing the key strength in PKI

What are the SSL and TLS used for? - A means of securing application programs on the system - To secure communication over the internet - A method to change from one form of PKI infrastructure to another - A secure way to reduce the amount of SPAM a system receives

Pretty good privacy (or PGP) is - A privacy group that fights against the government - A common encryption method for e-mail - A password management system - A method of security an operating system kernel

What is Wired Equivalent Privacy (WEP)? - A method that is used to encrypt wireless communications in an 802.11 environment - A signal that jams other wireless devices attempting to access the system - A method to change encryption standards during a transmission - An encryption method used to secure bank passwords

What is the ISO 17799? - A standard for creating and implementing security policies - A standard for international encryption of e-mail - A document used to develop physical security for a building - A document describing the details of wireless encryption

What is IPsec? - A collection of IP security features designed to introduce security at the network or packet-processing layer - An application that encrypts e-mail - A standard setting group that dictates internet security standards - The company to first introduce the concept of encryption

What is Certificate Authority? - A third party that issues digital certificates - A auditing firm that ensures encryption security - A certified professional that audits systems for security - A third party that encrypts information for people

What is CMP? - This protocol defines the messages and operations required to provide certificate management services - An encryption protocol used to verify a key length - An application that decrypts encrypted e-mail - A common message protocol that is used in e-mail

What is XKMS? - Key Management Specification, which defines - services to manage PKI operations within the Extensible Markup Language (XML) environment - An XML standard for e-mail encryption - A XML standard that used for wireless data exchange - A primary XML standard that is for application development

What is Internet Security Association and Key Management ISAKMP? - A method for implementing a key exchange protocol and for negotiating a security policy - The name of the a organization that creates the encryption keys - A protocol to encrypt e-mail - A program that creates random numbers used in encryption keys

What are the documents developed by the government to aid in the development of a standard for use in areas such as security or system interoperability? - FES, Federal encryption standards - FIPS, Federal Information Processing Standards - FIRE, Federal information regulation enterprise - FIES, Federal information and encryption standards

What function does Tier 1of the XML protocol service, based on the client requests and application requirements, perform? - It locates the appropriate key information for the client - Performs a data validation on a portion of the key - Automatically updates the firewall installed on the user's computer - Updates the cryptographic algorithms for the S/MIME

For products evaluated by Common Criteria, the highest level of assurance is - EAL 1 - EAL 8 - EAL 7 - EAL 9

Which is the strongest implementation class of WTLS? - First class - Class 1 - Class 2 - Class 3

PGP uses - Private key encryption - Asymmetric encryption - Symmetric encryption - Anomalous encryption

HTTPS uses port - 80 - 8080 - 443 - 433

WEP has all of the following weaknesses of EXCEPT: - The secret key is only 40 bits long. - It is susceptible to collision attacks. - Even the 128 bit version is vulnerable. - Many wireless implementations do not come with WEP enabled

Certificates that should no longer be used due to compromise should be - Deleted - Moved to a different computer - Revoked - Removed

The Certificate Authority is responsible for issuing, storing, and revoking certificates. True or False

The X.905 standard specifies formats for public key certificates. True or False

SSL provides secure connections for web transfers using encryption. True or False

The Certificate Management Protocol (CMP) defines the messages and operations required to provide certificate management services within the PKIX model. True or False

The current version of S/MIME is version 2. True or False

PGP uses private key encryption for encrypting and decrypting e-mail. True or False

The "S" in HTTPS signifies the protocol used when opening multiple web pages simultaneously. True or False

IPsec is short for the "second" version of IP. True or False

WEP uses public key encryption so it has secure wireless communications. True or False