Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
92 Cards in this Set
- Front
- Back
Which public-key algorithm was the first to allow two users to exchange a secret key over an insecure medium without any prior secret keys?
|
Diffie-Hellman
|
|
Do certificates provide encryption?
|
no
|
|
What are two types of ciphers?
|
block and streaming
|
|
What defines the allowed uses for a certificate issued by a certification authority (CA)?
|
the certificate policy
|
|
Which protocol number does Authentication Header (AH) use?
|
51
|
|
Which encryption method is more scalable?
|
asymmetric encryption
|
|
What is the name for an encryption key that can be easily reverse-engineered from the encrypted data by brute force methods?
|
a weak key
|
|
Which three security features do digital certificates provide?
|
authentication, data integrity, non-repudiation
|
|
Which protocol is the combination of PPTP and Cisco's Layer 2 Forwarding (L2F) technology?
|
Layer 2 Tunneling Protocol (L2TP)
|
|
What is the name for a hash algorithm that translates plaintext into an intermediate form?
|
a cipher
|
|
Which type of attack on a cryptographic algorithm uses brute force methods to encrypt text strings until the output matches the ciphertext?
|
a mathematical attack
|
|
Would a certification authority (CA) revoke a certificate if the certificate owner's private key were exposed?
|
yes
|
|
What is another name for public-key encryption?
|
asymmetric encryption
|
|
What type of brute-force attack attempts to find any two hashed messages that have the same value?
|
a birthday attack
|
|
What does the acronym L2TP denote?
|
Layer 2 Tunneling Protocol
|
|
On what does the Pretty Good Privacy (PGP) mail standard rely?
|
A web of trust
|
|
Which type of key management does Secure Multipurpose Internet Mail Extensions (S/MIME) use?
|
centralized
|
|
With what is the X.509 standard concerned?
|
digital certificates
|
|
What is the term for the process that applies a one-way mathematical function called a message digest function to an arbitrary amount of data?
|
hashing
|
|
What is key escrow?
|
when a third party maintains a secured copy of a user's private key to ensure that a lost key can be recovered
|
|
Which private-key encryption algorithm does Pretty Good Privacy (PGP) use to encrypt data?
|
International Data Encryption Algorithm (IDEA)
|
|
Does the S/MIME protocol use certificates?
|
yes
|
|
What are the two most important security needs that are met using Secure Multipurpose Internet Mail Extensions (S/MIME)?
|
authentication and confidentiality
|
|
Which type of key management does Encryption File System (EFS) use: centralized or decentralized?
|
decentralized
|
|
What is the name for the array where hashed items are kept?
|
hash table
|
|
Which type of cipher encrypts data in fixed-size blocks?
|
block cipher
|
|
Is the RSA algorithm symmetric or asymmetric?
|
asymmetric
|
|
What is the key length used by a one-time pad?
|
The key length is the same length as the message that is to be encrypted. The message length determines the key length.
|
|
Which protocol number does Encapsulating Security Payload (ESP) use?
|
50
|
|
Is International Data Encryption Algorithm (IDEA) symmetric or asymmetric?
|
symmetric
|
|
What is the hash value length, in bits, that is provided by the Secure Hash Algorithm (SHA)?
|
160
|
|
Which two protocols provide encryption for HTTP/S?
|
Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
|
|
What is the name for the data structure that maintains a list of certificates that have been revoked before their expiration date?
|
a certificate revocation list (CRL)
|
|
Which key should be encrypted and protected with a password when stored: a public key or private key?
|
a private key
|
|
Which key is included in an X.509 v3 certificate?
|
the certificate owner's public key
|
|
Does Pretty Good Privacy (PGP) provide confidentiality?
|
yes
|
|
Which certification authority (CA) has the highest level of trust in a trust hierarchy?
|
root CA
|
|
What is the opposite of confidentiality
|
disclosure
|
|
Which type of cryptography ensures that encryption and authentication can take place without the communicating parties sharing any private keys?
|
asymmetric
|
|
Which type of cryptography relies more on physics, rather than mathematics, as a key aspect of its security model?
|
quantum cryptography
|
|
What is an entity that issues and manages certificates?
|
certification authority (CA)
|
|
What is the key size, in bits, used by the Clipper Chip?
|
80
|
|
Which encryption method is faster?
|
symmetric encryption
|
|
Which key is used to create a digital signature?
|
the sender's private key
|
|
Is the Skipjack algorithm symmetric or asymmetric?
|
symmetric
|
|
Which PKI object do you use to verify that a user sending a message is who he or she claims to be?
|
a digital certificate
|
|
What are two other names for single-key cryptography?
|
symmetric key encryption and secret-key encryption
|
|
Would a certification authority (CA) revoke a certificate if the certificate owner's public key were exposed?
|
no
|
|
Which algorithms are symmetric key algorithms?
|
Data Encryption Standard (DES), Triple DES (3DES), Blowfish, IDEA, RC4, RC5, RC6, and Advanced Encryption Standard (AES)
|
|
What does PKCS stand for?
|
Public-Key Cryptography Standard
|
|
Which security concept ensures that data is protected from being accessed by unauthorized persons?
|
confidentiality
|
|
What is the size, in bits, of a Message Digest version 5 (MD5) hash?
|
128
|
|
What must a user provide with a security token to be authenticated to a network?
|
a personal identification number (PIN)
|
|
What is the safest method for creating and managing key pairs: centralized or de-centralized key management?
|
centralized key management
|
|
What is the name for the list of locations where software can check to see whether a user's certificate has been revoked?
|
CRL Distribution Point (CDP)
|
|
On which standard are certificates based?
|
X.509
|
|
What is the key size, in bits, of the Data Encryption Standard (DES)?
|
56
|
|
Which standard is a specfication for secure e-mail, designed to prevent the decryption of e-mail messages?
|
Secure Multipurpose Internet Mail Extension (S/MIME)
|
|
What is the purpose of a file's MD5 hash value?
|
to verify file integrity
|
|
What does the acronym PKI denote?
|
public key infrastructure
|
|
Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key algorithms?
|
asymmetric
|
|
What defines the way in which a certification authority (CA) implements the creation of certificates?
|
the certificate practice statement
|
|
Which Application-layer protocol supports public-key encryption and key distribution centers (KDCs)?
|
Internet Key Management Protocol (IKMP)
|
|
What is the purpose of embedding a timestamp within ciphertext?
|
It will decrease the chance of the message being replayed.
|
|
Which key is used to decrypt a digital signature: public or private?
|
public
|
|
What was the first public-key algorithm ever used?
|
Diffie-Hellman
|
|
Which standard developed by RSA offers encryption of e-mail messages and authentication of received e-mail using digital signatures?
|
S/MIME
|
|
Certificate enrollment procedures typically require a user to provide proof of identify and which other item to a certification authority (CA)?
|
public key
|
|
How is a digital signature created from a message digest?
|
It is encrypted using the sender's private key.
|
|
Is the Triple-DES algorithm symmetric or asymmetric?
|
symmetric
|
|
Which algorithms are asymmetric key algorithms?
|
Rivest, Shamir, and Adleman (RSA), elliptic curve cryptosystem (ECC), Diffie-Hellman, El Gamal, Digital Signature Algorithm (DSA), and Knapsack
|
|
Is Advanced Encryption Standard (AES) symmetric or asymmetric?
|
symmetric
|
|
Which attack is defended against by increasing the length of the key?
|
an exhaustive attack
|
|
What would a certification authority (CA) do if a private key associated with a certificate had been compromised?
|
revoke the certificate
|
|
Which term refers to the assurance that data has not been altered in transmission?
|
data integrity
|
|
What is the name for the framework for key exchange management?
|
Internet Security Association and Key Management Protocol (ISAKMP)
|
|
In asymmetric encryption for a digital signature, which key is used for encryption: public or private?
|
public
|
|
What is stenography?
|
A cryptography method in which data is hidden in another media type
|
|
What are the three issues that symmetric data encryption fails to address?
|
data integrity, repudiation, scalable key distribution
|
|
Which hashing algorithm produces a message digest of 160 bits in length?
|
Secure Hash Algorithm (SHA-1)
|
|
Which security device requires physical possession and has passwords that can only be used once?
|
a token
|
|
What is the hash value length, in bits, that is provided by the Message Digest 2 (MD2), MD4 and MD5 algorithms?
|
128
|
|
Which block cipher is used in the Clipper chip?
|
Skipjack
|
|
Which type of cryptography is more secure: symmetric or asymmetric?
|
asymmetric
|
|
Is the Data Encryption Standard (DES) algorithm asymmetric or symmetric?
|
symmetric
|
|
What is most commonly used to provide proof of a message's origin?
|
a digital signature
|
|
Does Pretty Good Privacy (PGP) provide authentication?
|
no
|
|
Which cryptography technique is based on a combination of two keys: a secret (private) key and a public key?
|
public-key cryptography
|
|
What does the subject field in an X.509 v3 certificate contain?
|
the name of the certificate owner
|
|
What is the length of an IDEA key?
|
128 bits
|
|
Which encryption algorithm uses an 80-bit key to encrypt 64-bit blocks of data?
|
Skipjack
|
|
Which protocol provides connectionless integrity, data origin authentication, replay protection, and confidentiality (encryption) using Authentication Header (AH) and Encapsulating Security Payload (ESP)?
|
Internet Protocol Security (IPSec)
|