Security Ch. 6 – Flashcards
Unlock all answers in this set
Unlock answersquestion
Why is IPsec considered to be a transparent security protocol?
answer
IPsec is designed to not require modifications of programs, or additional training, or additional client setup
question
In the SSH suite, the ____________________ command allows a user to log on to a remote computer.
answer
?
question
A sensitive connection between a client and a web server uses what class of certificate?
answer
Class 2
question
Because of the limitations of a hierarchical trust model, what type of trust model is used for CAs on the Internet?
answer
distributed trust
question
What protocol below supports two encryption modes: transport and tunnel?
answer
IPSec
question
Select below the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:
answer
Certification Authority
question
What kind of certificate is typically used by an individual to secure e-mail transmissions?
answer
Personal digital
question
When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established?
answer
third-party
question
Digital certificates cannot be used to identify objects other than users.
answer
False
question
Select below the secure alternative to the telnet protocol:
answer
SSH
question
____________________ may be defined as confidence in or reliance on another person or entity.
answer
trust
question
What is the name for an organization that receives, authenticates, and processes certificate revocation requests?
answer
Registration Authority
question
A framework for managing all of the entities involved in creating, storing, distributing, and revoking digital certificates
answer
Public key Infrastructure (PKI)
question
A trusted third-party agency that is responsible for issuing digital certificates
answer
Certificate Authority (CA)
question
A trust model with one CA that acts as a facilitator to interconnect all other CAs
answer
Bridge trust model
question
A technology used to associate a user's identity to a public key, in which the user's public key is digitally signed by trusted third party.
answer
Digital certificate
question
A trust model in which two individuals trust each other because each individually trusts a third party.
answer
Third-party trust
question
The type of trust relationship that can exist between individuals or entities.
answer
Trust model
question
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
answer
Certificate Repository
question
A process in which keys are managed by a third party, such as a trusted CA
answer
key escrow
question
Symmetric keys to encrypt and decrypt information exchanged during a handshake session between a web browser and web server
answer
Session keys
question
A trust model that has multiple CAs that sign digital certificates
answer
Distributed trust model
question
What cryptographic transport algorithm is considered to be significantly more secure than SSL?
answer
TLS
question
Key ____________________ dates prevent an attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time.
answer
expiration
question
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
answer
True
question
What protocol, developed by Netscape in 1994, is designed to create an encrypted data path between a client and server that could be used on any platform or operating system?
answer
SSL
question
SSL and TLS keys of what length are generally considered to be strong?
answer
4096
question
In the SSH suite, the ____________________ command allows a user to copy files between remote computers.
answer
?
question
A(n) ____________________ trust model can be used in an organization where one CA is responsible for only the digital certificates for that organization.
answer
hierarchical
question
A framework for all of the entities involved in digital certificates for digital certificate management is known as:
answer
Public key infrastructure
question
Digital signatures actually only show that the public key labeled as belonging to the person was used to encrypt the digital signature.
answer
True
question
A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?
answer
Certificate practice statement (CPS)
question
The Authentication Header (AH) protocol is a part of what encryption protocol suite below?
answer
IPSec
question
The Encapsulating Security Payload (ESP) protocol ensures IPsec's confidentiality.
answer
True
question
At what stage can a certificate no longer be used for any type of authentication?
answer
expiration
question
Select below the type of certificate that is often issued from a server to a client, with the purpose of ensuring the authenticity of the server:
answer
Server digital
question
What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?
answer
bridge trust
question
Using what mechanism below can the non-repudiation of an e-mail and it's content be enforced?
answer
Asymmetric encryption
question
What type of cryptographic algorithm can be used to ensure the integrity of a file's contents?
answer
Hashing
question
The vulnerability discovered in IPsec in early 2014 was nicknamed Heartbleed, due to an issue with a heartbeat extension in the protocol.
answer
False
question
The process by which keys are managed by a third party, such as a trusted CA, is known as?
answer
Key escrow
