1) With asymmetric encryption, a single secret key is used to both encrypt and decrypt a given message a) True b) False 2) Each of the choices below are examples of certificate types except for which? a) x.400 b) x.509 c) PKCS #10 d) PKCS #7 3) ______ is a light-weight online service that can be used to check the validity of a certificate. a) OSCP b) CRL c) OCSP d) OCRL 4) Which stage of key and certificate management would most likely involve CRL and OCSP? a) Issuance b) Initialization c) Cancellation d) Recycle 5) With symmetric encryption, a single secret key is used to both encrypt and decrypt a given message. a) True b) False 6) Of the choices below, which can be categorized as an option for the "Something you know" authentication category? Select all that apply. a) Username b) Token c) Password d) Thumb print 7) The core part of PKI is the concept of the ________. These are self-signed certificates from a root CA, and all the certificates signed by it are trusted. a) intermediate signature b) root signature c) root certificate d) CRL 8) Select the pair from the below list that represents a multi-factor authentication option. a) Thumb print, iris scan b) Token, smart card c) Smart Card, thumbprint d) Username, Password 9) _____ authentication refers to a condition where the user authenticates themselves to the end service. a) End-to-end b) Intermediate c) Intermediary d) Full 10) Shawn has received an X.509 certificate in binary format, but with the system he needs to import the cert into does not accept certificates in this state. What does he likely need to do to address the issue he has? a) convert to DER b) convert to X.400 c) convert to PEM d) convert to X.500 11) A certificate is considered ______ in instances where a private key is thought to be compromised, but where an investigation has shown that it has not been breached.on hold a) revoked b) on hold c) repealed d) on hiatus 12) Aside from any unexpected occurrences that result in revocation, what defines the valid period of a digital certificate? a) Key Schedule b) OCSP c) CRL d) Start and end dates 13) Sue is planning to employ asymmetric cryptography within her organization and wants the means by which public keys are shared to include some form of verification. Of the choices below, which would be the best approach. a) Share the private key instead using Diffie Hellman b) Provide distributable digital certificates to communication parties c) Post the key pair on a company site accessible to the publicPost public keys on a company site accessible to the public d) Post public keys on a company site accessible to the public 14) A weakness of PKI involves users being tricked into installing a root CA, later used to validate fake certificates. a) True b) False 15) Regarding digital certificates, a self-signed certificate provides the highest degree of credibility and validity. a) True b) False 16) Sue is looking for a solution to implement at her organization to provide email encryption and authentication capability. From the list below, which solution would be her best choice? a) PGP b) Pop c) SMTP d) PMP 17) Use of a PKI (Public Key Infrastructure), where digital certificates are generated by a trusted _____ is a secure option for ensuring certificates used can be trusted as valid. a) Intermediate RA (Registration Authority) b) root CA (Certificate Authority) c) root RA (Registration Authority) d) PRNG (Pseudo-random Number Generator) 18) From the choices below, select two common problems associated with CRL usage. a) Certificates can be revoked in error b) Files becoming too small over time hindering query ability c) Validation creep d) Many systems do not continually check the list whenever a certificate is used. 19) From the list below, select the common methods of authentication. Select All that apply. a) One-way server authentication b) One-way client authentication c) Mutual authentication d) Multi Fraction Authentication 20) From the list below select the file type digital certificates are most often exported to. a) .CER b) .XLS c) .XOR d) .DOC 21) When using a PKI setup with certificate usage to ensure trust, a certificate generated by a trusted root CA is digitally signed with the _____ of the CA, so that the _______ of the CA can be used to check the validity of it. a) public key, private key b) public key, public key c) private key, public key d) private key, private key 22) Shawn works in Seattle but is currently away on vacation in the Caribbean on a white sand beach sipping tropical fruit juice from a pineapple. He attempts to log into work from his work laptop to get a jump on a few items he has to complete upon his return to work the next day but receives an authentication error and is unable to get in. He navigates to several other web pages and has no issues. What is a likely reason for the access denial. a) Shawn's organization employs federated authentication b) Shawn's internet connection is not working c) Shawn's organization employs a "somewhere you are" authentication factor d) Shawn's organization employs SSO 23) ______ is an authentication architecture that addresses scalability issues of prior authentication solutions and utilizes tickets as part of the identification and authentication process. a) IPSEC b) TGS c) Pre-shared key d) Kerberos 24) _____ authentication refers to a condition where only part of the conversation between the entities is authenticated. a) Intermediate b) End-to-end c) Intermediary d) Full 25) From the list below, select the items that are included in a distributable digital certificate. Select 3 a) Public key b) Private key c) Start date d) Issuer name 26) The difference between a certificate being revoked vs a certificate being on hold is that hold status can be reversed and revoked status cannot. a) True b) False 27) Of the choices below, which can be categorized as an option for the "Something you are" authentication category? Select all that apply a) Token b) Password c) Thumb print d) Smart Card

D334 - QZ-Chapter 6 Knowledge Check

Print
Embed

Leaderboard

Visual style

Options

Switch template

Continue editing: ?