Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
15 Cards in this Set
- Front
- Back
|
What is the purpose of key escrow? A. To grant the certificate authority full control over the communication environment B. To provide a means to recover from a lost private key C. Collection of additional fees over the life of using a public digital certificate D. To provide a means for legal authorities to access confidential data |
D. To provide a means for legal authorities to access confidential data
|
|
|
Which aspect of certificates makes them a reliable and useful mechanism for proving the identity of a person, system, or service on the Internet?
A. It is a digital mechanism rather than a physical one B. Ease of use C. Trusted third-party D. Electronic signatures |
C. Trusted third-party
|
|
|
Which of the following items are contained in a digital certificate? (Select two. )
A. Private Key B. Root CA secret key C. Validity period D. Public Key |
C. Validity period and D. Public Key
|
|
|
In what form of key management solution is key recovery possible?
A. Public B. Hierarchical C. Decentralized D. Centralized |
D. Centralized
|
|
|
Which of the following conditions does not result in a certificate being added to the certificate revocation list?
A. Committing a crime using the certificate B. Certificate expiration C. Private key compromise D. Invalid identity credentials |
B. Certificate expiration
|
|
|
Which of the following is an entity that accepts and validates information contained within a request for a certificate?
A. Registration authority B. Enrollment agent C. Recovery agent D. Certificate authority |
A. Registration authority
|
|
|
Which of the following would you find on a CPS?
A. A declaration of the security that the organization is implementing for all certificates B. A list of revoked certificates C. A list of issued certificates D. A description of the format for a certificate |
A. A declaration of the security that the organization is implementing for all certificates
|
|
|
What is a PKI?
A. A protocol that defines secure key exchange B. A program that generates key pairs C. A hierarchy of computers for issuing certificates D. An algorithm for encrypting and decrypting data |
C. A hierarchy of computers for issuing certificates
|
|
|
A PKI is a method for managing which type of encryption?
A. Symmetric B. Asymmetric C. Steganography D. Hashing |
B. Asymmetric
|
|
|
What technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large complex environments?
A. Online Certificate Status Protocol B. Key Escrow C. Certificate Revocation List D. Private Key Recovery |
A. Online Certificate Status Protocol
|
|
|
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact?
A. Registration authority B. Recovery agent C. Enrollment agent D. Certification authority |
B. Recovery agent
|
|
|
You have a Web server that will be used for secure transactions for customers who access theWeb site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
A. Run a third-party tool to generate the certificate. B. Have the server generate its own certificate. C. Obtain a certificate from a public PKI. D. Create your own internal PKI to issue certificates. |
C. Obtain a certificate from a public PKI.
|
|
|
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted?
A. Identifying data with the MAC and IP addresses to the root certificate authority (CA)B. Identifying data and a certification request to the registration authority (RA) C. Identifying data and a secret key request to the subordinate distribution authority (DA) D. Identifying data with the 3DES block cipher to the hosting certificate authority (CA) |
B. Identifying data and a certification request to the registration authority (RA)
|
|
|
How many keys are used with Public Key Cryptography? A: One B: Two C: Three D; four |
B: Two
|
|
|
When is the best time to apply for a certificate renewal? A: Near the end of the certificate's valid lifetime B: After a certificate has been revoked C: Immediately after a certificate is issued D: Just after a certificate expires |
A: Near the end of the certificate's valid lifetime
|
