• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/92

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

92 Cards in this Set

  • Front
  • Back
Which public-key algorithm was the first to allow two users to exchange a secret key over an insecure medium without any prior secret keys?
Diffie-Hellman
Do certificates provide encryption?
no
What are two types of ciphers?
block and streaming
What defines the allowed uses for a certificate issued by a certification authority (CA)?
the certificate policy
Which protocol number does Authentication Header (AH) use?
51
Which encryption method is more scalable?
asymmetric encryption
What is the name for an encryption key that can be easily reverse-engineered from the encrypted data by brute force methods?
a weak key
Which three security features do digital certificates provide?
authentication, data integrity, non-repudiation
Which protocol is the combination of PPTP and Cisco's Layer 2 Forwarding (L2F) technology?
Layer 2 Tunneling Protocol (L2TP)
What is the name for a hash algorithm that translates plaintext into an intermediate form?
a cipher
Which type of attack on a cryptographic algorithm uses brute force methods to encrypt text strings until the output matches the ciphertext?
a mathematical attack
Would a certification authority (CA) revoke a certificate if the certificate owner's private key were exposed?
yes
What is another name for public-key encryption?
asymmetric encryption
What type of brute-force attack attempts to find any two hashed messages that have the same value?
a birthday attack
What does the acronym L2TP denote?
Layer 2 Tunneling Protocol
On what does the Pretty Good Privacy (PGP) mail standard rely?
A web of trust
Which type of key management does Secure Multipurpose Internet Mail Extensions (S/MIME) use?
centralized
With what is the X.509 standard concerned?
digital certificates
What is the term for the process that applies a one-way mathematical function called a message digest function to an arbitrary amount of data?
hashing
What is key escrow?
when a third party maintains a secured copy of a user's private key to ensure that a lost key can be recovered
Which private-key encryption algorithm does Pretty Good Privacy (PGP) use to encrypt data?
International Data Encryption Algorithm (IDEA)
Does the S/MIME protocol use certificates?
yes
What are the two most important security needs that are met using Secure Multipurpose Internet Mail Extensions (S/MIME)?
authentication and confidentiality
Which type of key management does Encryption File System (EFS) use: centralized or decentralized?
decentralized
What is the name for the array where hashed items are kept?
hash table
Which type of cipher encrypts data in fixed-size blocks?
block cipher
Is the RSA algorithm symmetric or asymmetric?
asymmetric
What is the key length used by a one-time pad?
The key length is the same length as the message that is to be encrypted. The message length determines the key length.
Which protocol number does Encapsulating Security Payload (ESP) use?
50
Is International Data Encryption Algorithm (IDEA) symmetric or asymmetric?
symmetric
What is the hash value length, in bits, that is provided by the Secure Hash Algorithm (SHA)?
160
Which two protocols provide encryption for HTTP/S?
Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
What is the name for the data structure that maintains a list of certificates that have been revoked before their expiration date?
a certificate revocation list (CRL)
Which key should be encrypted and protected with a password when stored: a public key or private key?
a private key
Which key is included in an X.509 v3 certificate?
the certificate owner's public key
Does Pretty Good Privacy (PGP) provide confidentiality?
yes
Which certification authority (CA) has the highest level of trust in a trust hierarchy?
root CA
What is the opposite of confidentiality
disclosure
Which type of cryptography ensures that encryption and authentication can take place without the communicating parties sharing any private keys?
asymmetric
Which type of cryptography relies more on physics, rather than mathematics, as a key aspect of its security model?
quantum cryptography
What is an entity that issues and manages certificates?
certification authority (CA)
What is the key size, in bits, used by the Clipper Chip?
80
Which encryption method is faster?
symmetric encryption
Which key is used to create a digital signature?
the sender's private key
Is the Skipjack algorithm symmetric or asymmetric?
symmetric
Which PKI object do you use to verify that a user sending a message is who he or she claims to be?
a digital certificate
What are two other names for single-key cryptography?
symmetric key encryption and secret-key encryption
Would a certification authority (CA) revoke a certificate if the certificate owner's public key were exposed?
no
Which algorithms are symmetric key algorithms?
Data Encryption Standard (DES), Triple DES (3DES), Blowfish, IDEA, RC4, RC5, RC6, and Advanced Encryption Standard (AES)
What does PKCS stand for?
Public-Key Cryptography Standard
Which security concept ensures that data is protected from being accessed by unauthorized persons?
confidentiality
What is the size, in bits, of a Message Digest version 5 (MD5) hash?
128
What must a user provide with a security token to be authenticated to a network?
a personal identification number (PIN)
What is the safest method for creating and managing key pairs: centralized or de-centralized key management?
centralized key management
What is the name for the list of locations where software can check to see whether a user's certificate has been revoked?
CRL Distribution Point (CDP)
On which standard are certificates based?
X.509
What is the key size, in bits, of the Data Encryption Standard (DES)?
56
Which standard is a specfication for secure e-mail, designed to prevent the decryption of e-mail messages?
Secure Multipurpose Internet Mail Extension (S/MIME)
What is the purpose of a file's MD5 hash value?
to verify file integrity
What does the acronym PKI denote?
public key infrastructure
Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key algorithms?
asymmetric
What defines the way in which a certification authority (CA) implements the creation of certificates?
the certificate practice statement
Which Application-layer protocol supports public-key encryption and key distribution centers (KDCs)?
Internet Key Management Protocol (IKMP)
What is the purpose of embedding a timestamp within ciphertext?
It will decrease the chance of the message being replayed.
Which key is used to decrypt a digital signature: public or private?
public
What was the first public-key algorithm ever used?
Diffie-Hellman
Which standard developed by RSA offers encryption of e-mail messages and authentication of received e-mail using digital signatures?
S/MIME
Certificate enrollment procedures typically require a user to provide proof of identify and which other item to a certification authority (CA)?
public key
How is a digital signature created from a message digest?
It is encrypted using the sender's private key.
Is the Triple-DES algorithm symmetric or asymmetric?
symmetric
Which algorithms are asymmetric key algorithms?
Rivest, Shamir, and Adleman (RSA), elliptic curve cryptosystem (ECC), Diffie-Hellman, El Gamal, Digital Signature Algorithm (DSA), and Knapsack
Is Advanced Encryption Standard (AES) symmetric or asymmetric?
symmetric
Which attack is defended against by increasing the length of the key?
an exhaustive attack
What would a certification authority (CA) do if a private key associated with a certificate had been compromised?
revoke the certificate
Which term refers to the assurance that data has not been altered in transmission?
data integrity
What is the name for the framework for key exchange management?
Internet Security Association and Key Management Protocol (ISAKMP)
In asymmetric encryption for a digital signature, which key is used for encryption: public or private?
public
What is stenography?
A cryptography method in which data is hidden in another media type
What are the three issues that symmetric data encryption fails to address?
data integrity, repudiation, scalable key distribution
Which hashing algorithm produces a message digest of 160 bits in length?
Secure Hash Algorithm (SHA-1)
Which security device requires physical possession and has passwords that can only be used once?
a token
What is the hash value length, in bits, that is provided by the Message Digest 2 (MD2), MD4 and MD5 algorithms?
128
Which block cipher is used in the Clipper chip?
Skipjack
Which type of cryptography is more secure: symmetric or asymmetric?
asymmetric
Is the Data Encryption Standard (DES) algorithm asymmetric or symmetric?
symmetric
What is most commonly used to provide proof of a message's origin?
a digital signature
Does Pretty Good Privacy (PGP) provide authentication?
no
Which cryptography technique is based on a combination of two keys: a secret (private) key and a public key?
public-key cryptography
What does the subject field in an X.509 v3 certificate contain?
the name of the certificate owner
What is the length of an IDEA key?
128 bits
Which encryption algorithm uses an 80-bit key to encrypt 64-bit blocks of data?
Skipjack
Which protocol provides connectionless integrity, data origin authentication, replay protection, and confidentiality (encryption) using Authentication Header (AH) and Encapsulating Security Payload (ESP)?
Internet Protocol Security (IPSec)