Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
74 Cards in this Set
- Front
- Back
|
335. SSL (Secure Sockets Layer) operates between which two layers of the OSI (Open Systems Interconnect) model?
A. application and transport B. transport and network C. network and data link D. data link and physical |
A
|
|
|
369. There are a number of ports in TCP/IP that can be scanned, exploited or
attacked. How many ports are vunerable to such operations? A. 32 B. 1,024 C. 65,535 D. 16,777,216 |
C
|
|
|
31. What port does SNMP use?
A. 21 B. 161 C. 53 D. 49 |
B
|
|
|
6. In order for a user to obtain a certificate from a trusted CA (Certificate Authority), the user must present proof of identity and a:
A. private key. B. public key. C. password. D. Kerberos key. |
B
|
|
|
12. Asymmetric cryptography ensures that:
A. encryption and authentication can take place without sharing private keys. B. encryption of the secret key is performed with the fastest algorithm available. C. encryption occurs only when both parties have been authenticated. D. encryption factoring is limited to the session key. |
A
|
|
|
34. If a private key becomes compromised before its certificate’s normal expiration date, X.509 defines a method requiring each CA (Certificate Authority) to periodically issue a signed data structure called a certificate:
A. enrollment list. B. expiration list. C. revocation list. D. validation list. |
C
|
|
|
41. Data integrity is best achieved using a(n):
A. asymmetric cipher. B. digital certificate. C. message digest. D. symmetric cipher. |
C
|
|
|
43. Which of the following is an example of an asymmetric algorithm?
A. CAST (Carlisle Adams Stafford Tavares). B. RC5 (Rivest Cipher 5). C. RSA (Rivest Shamir Adelman). D. SHA-l (Secure Hashing Algorithm 1). |
C
|
|
|
45. User A needs to send a private e-mail to User B. User A does not want anyone to have the ability to read the e-mail except for User B, thus retaining privacy. Which tenet of information security is User A concerned about?
A. authentication. B. integrity. C. confidentiality. D. non-repudiation. |
C
|
|
|
50. The protection of data against unauthorized access or disclosure is an example of what?
A. confidentiality B. integrity C. signing D. hashing |
A
|
|
|
74. A common algorithm used to verify the integrity of data from a remote user through the creation of a 128-bit hash from a data input is:
A. IPSec (Internet Protocol Security). B. RSA (Rivest Shamir Adelman). C. Blowfish. D. MD5 (Message Digest). |
D
|
|
|
78. The use of embedded root certificates within web browsers is an example of which of the following trust models?
A. bridge. B. mesh. C. hierarchy. D. trust list. |
D
|
|
|
84. Non-repudiation is generally used to:
A. protect the system from transmitting various viruses, worms and Trojan horses to other computers on the same network. B. protect the system from DoS (Denial of Service) attacks. C. prevent the sender or the receiver from denying that the communication between them has occurred. D. ensure the confidentiality and integrity of the communication. |
C
|
|
|
85. Which of the following hash functions generates a 160-bit output?
A. MD4 (Message Digest 4). B. MD5 (Message Digest5). C. DES (Data Encryption Standard). D. SHA-1 (Secure Hashing Algorithm 1). |
D
|
|
|
92. Digital certificates can contain which of the following items:
A. the CA’s (Certificate Authority) private key. B. the certificate holder’s private key. C. the certificate’s revocation information. D. the certificate’s validity period. |
D
|
|
|
93. Which encryption key is used to verify a digital signature?
A. the signer’s public key. B. the signer’s private key. C. the recipient's public key. D. the recipient's private key. |
A
|
|
|
105. The Diffie-Hellman algorithm allows:
A. access to digital certificate stores from a certificate authority. B. a secret key exchange over an insecure medium without any prior secrets. C. authentication without the use of hashing algorithms. D. multiple protocols to be used in key exchange negotiations. |
B
|
|
|
110. A user wants to send an e-mail and ensure that the message is not tampered with while in transit. Which feature of modern cryptographic systems will facilitate this?
A. confidentiality. B. authentication. C. integrity. D. non-repudiation. |
C
|
|
|
120. File encryption using symmetric cryptography satisfies what security requirement?
A. confidentiality. B. access control. C. data integrity. D. authentication. |
A
|
|
|
127. A user logs onto a workstation using a smart card containing a private key. The user is verified when the public key is successfully factored with the private key. What security service is being provided?
A. authentication. B. confidentiality. C. integuity. D. non-repudiation. |
A
|
|
|
128. In cryptographic operations, digital signatures can be used for which of the following systems?
A. encryption. B. asymmetric key. C. symmetric and encryption. D. public and decryption. |
B
|
|
|
132. Digital signatures can be used for which of the following?
A. availability. B. encryption. C. decryption. D. non-repudiation. |
D
|
|
|
135. During the digital signature process, asymmetric cryptography satisfies what security requirement?
A. confidentiality. B. access control. C. data integrity. D. authentication. |
D
|
|
|
144. Which of the following keys is contained in a digital certificate?
A. public key. B. private key. C. hashing key. D. session key. |
A
|
|
|
146. Message authentication codes are used to provide which service?
A. integrity. B. fault recovery. C. key recovery. D. acknowledgement. |
A
|
|
|
158. What type of security process will allow others to verify the originator of an e-mail message?
A. authentication. B. integrity. C. non-repudiation. D. confidentiality. |
C
|
|
|
168. A public key ___________ is a pervasive system whose services are implemented and delivered using public key technologies that include CAs (Certificate Authority), digital certificates, non-repudiation, and key history management.
A. cryptography scheme. B. distribution authority. C. exchange. D. infrastructure. |
D
|
|
|
173. One of the factors that influence the lifespan of a public key certificate and its associated keys is the:
A. value of the information it is used to protect B. cost and management fees C. length of the asymmetric hash D. data-available openly on the cryptographic system |
A
|
|
|
176. In a typical file encryption process, the asymmetric algorithm is used to?
A. encrypt symmetric keys. B. encrypt file contents. C. encrypt certificates. D. encrypt hash results. |
A
|
|
|
179. The integrity of a cryptographic system is considered compromised if which of the following conditions exist?
A. a 40-bit algorithm is used for a large financial transaction B. the public key is disclosed C. the private key is disclosed D. the validity of the data source is compromised |
C
|
|
|
180. During the digital signature process, hashing provides a means to verify what security requirement?
A. non-repudiation. B. access control. C. data integrity. D. authentication. |
C
|
|
|
187. Non-repudiation is based on what type of key infrastructure?
A. symmetric. B. distributed trust. C. asymmetric. D. user-centric. |
C
|
|
|
197. IDEA (International Data Encryption Algorithm), Blowfish, RC5 (Rivest Cipher 5)
and CAST-128 are encryption algorithms of which type? A. symmetric. B. asymmetric. C. hashing. D. elliptic curve. |
A
|
|
|
198. A CRL (Certificate Revocation List) query that receives a response in near real time:
A. indicates that high availability equipment is used. B. implies that a fault tolerant database is being used. C. does not guarantee that fresh data is being returned. D. indicates that the CA (Certificate Authority) is providing near real time updates. |
C
|
|
|
202. The standard encryption algorithm based on Rijndael is known as:
A. AES (Advanced Encryption Standard). B. 3DES (Triple Data Encryption Standard). C. DES (Data Encryption Standard). D. Skipjack. |
A
|
|
|
207. Which of the following is an example of an asymmetric encryption algorithm?
A. RC4 (Rivest Cipher 4) B. IDEA (International Data Encryption Algorithm) C. MD5 (Message Digest-5) D. RSA (Rivest Shamir Adelman) |
D
|
|
|
228. Using distinct key pairs to separate confidentiality services from integrity services to support non-repudiation describes which one of the following models?
A. discrete key pair. B. dual key pair. C. key escrow. D. foreign key. |
B
|
|
|
232. Which of the following is typically included in a CRL (Certificate Revocation List)?
A. certificates that have had a limited validity period and have expired. B. certificates that are pending renewal. C. certificates that are considered invalid because they do not contain a valid CA (Certificate Authority) signature. D. certificates that have been disabled before their scheduled expiration. |
D
|
|
|
233. A CPS (Certificate Practice Statement) is a legal document that describes a CA’s (Certificate Authority):
A. class level issuing process. B. copyright notice. C. procedures. D. asymmetric encryption schema. |
C
|
|
|
235. The primary DISADVANTAGE of symmetric cryptography is:
A. speed. B. key distribution. C. weak algorithms. D. memory management. |
B
|
|
|
254. What is a good practice in deploying a CA (Certificate Authority)?
A. enroll users for policy based certificates. B. create a CPS (Certificate Practice Statement). C. register the CA (Certificate Authority) with a subordinate CA (Certificate Authority). D. create a mirror CA (Certificate Authority) for fault tolerance. |
B
|
|
|
269. Which of the following is NOT a field of a X.509 v3 certificate?
A. private key B. issuer C. serial number D. subject |
A
|
|
|
273. When a cryptographic system’s keys are no longer needed, the keys should be:
A. destroyed or stored in a secure manner B. deleted from the system’s storage mechanism C. recycled D. submitted to a key repository |
A
|
|
|
276. Which of the following is the best reason for a CA (Certificate Authority) to-revoke a certificate?
A. The user’s certificate has been idle for two months. B. The user has relocated to another address. C. The user’s private key has been compromised. D. The user’s public key has been compromised. |
C
|
|
|
277. Which of the following correctly identifies some of the contents of an end user’s X.509 certificate?
A. user’s public key, object identifiers, and the location of the user’s electronic identity B. user’s public key, the CA (Certificate Authority) distinguished name, and the type of symmetric algorithm used for encryption C. user’s public key, the certificate’s serial number, and the certificate’s validity dates D. user’s public key, the serial number of the CA (Certificate Authority) certificate, and the CRL (Certificate Revocation List) entry point |
C
|
|
|
279. Which of the following statements identifies a characteristic of a symmetric algorithm?
A. performs a fast transformation of data relative to other cryptographic methods B. regardless of the size of the user’s input data, the size of the output data is fixed. C. is relatively slow in transforming data when compared to other cryptographic methods D. includes a one way function where it is computationally infeasible for another entity to determine the input data from the output data |
A
|
|
|
280. Assuring the recipient that a message has not been altered in transit is an example of which of the following:
A. integrity B. static assurance C. dynamic assurance D. cyclical check sequence |
A
|
|
|
281. Being able to verify that a message received has not been modified in transit is defined as:
A. authorization B. non-repudiation C. integrity D. cryptographic mapping |
C
|
|
|
323. Most certificates used for authentication are based on what standard?
A. ISO 19278 B. X.500 C. RFC 1205 D. X.509 v3 |
D
|
|
|
324. In order for User A to send User B an e-mail message that only User B can read, User A must encrypt the e-mail with which of the following keys?
A. User B’s public key B. User B’s private key C. User A’s public key D. User A’s private key |
A
|
|
|
325. What does the message recipient use with the hash value to verify a digital signature?
A. signers private key B. receivers private key C. signers public key D. receivers public key |
C
|
|
|
326. While surfing the Internet a user encounters a pop-up window that prompts the user to download a browser plug-in. The pop-up window is a certificate which validates the identity of the plug-in developer. Which of the following best describes this type of certificate?
A. software publisher certificate B. web certificate C. CA (Certificate Authority) certificate D. server certificate |
A
|
|
|
327. The public key infrastructure model where certificates are issued and revoked via a
CA (Certificate Authority) is what type of model? A. managed B. distributed C. centralized D. standard |
C
|
|
|
331. When UserA applies to the CA (Certificate Authority) requesting a certificate to allow the start of communication with User B, User A must supply the CA (Certificate Authority) with
A. User A's public key only B. User B's public key only C. User A's and User B's public keys D. User A's and User B's public and private keys |
A
|
|
|
351. One of the primary concerns of a centralized key management system is that?
A. keys must be stored and distributed securely B. certificates must be made readily available C. the key repository must be publicly accessible D. the certificate contents must be kept confidential |
A
|
|
|
367. A block cipher is an example of which of the following encryption algorithms?
A. asymmetric key B. public key C. symmetric key D. unkeyed |
C
|
|
|
373. When a user digitally signs a document an asymmetric algorithm is used to encrypt:
A. secret passkeys B. file contents C. certificates D. hash results |
D
|
|
|
374. The main purpose of digital certificates is to securely bind a:
A. public key to the identity of the signer and recipient B. private key to the identity of the signer and recipient C. public key to the entity that holds the corresponding private key D. private key to the entity that holds the corresponding public key |
C
|
|
|
376. What are two common methods when using a public key infrastructure for maintaining access to servers in a network?
A. ACL and PGP. B. PIM and CRL. C. CRL and OCSP. D. RSA and MD2 |
C
|
|
|
378. File encryption using symmetric cryptography satisfies what security requirement?
A. Confidentiality B. Access control C. Data integrity D. Authentication |
A
|
|
|
384. Which of the following describes the concept of data integrity?
A. A means of determining what resources a user can use and view. B. A method of security that ensures all data is sequenced and numbered. C. A means of minimizing vulnerabilities of assets and resources. D. A mechanism applied to indicate a data's level of security. |
B
|
|
|
390. One of the factors that influence the lifespan of a public key certificate and its associated keys is the:
A. Value of the information it is used to protect. B. Cost and management fees. C. Length of the asymmetric hash. D. Data available openly on the cryptographic system. |
A
|
|
|
395. By definition, how many keys are needed to lock and unlock data using symmetric- key encryption?
A. 3+ B. 2 C. 1 D. 0 |
C
|
|
|
396. Data integrity is best achieved using a(n)
A. Asymmetric cipher B. Digital certificate C. Message digest D. Symmetric cipher |
C
|
|
|
397. Which of the following correctly identifies some of the contents of an user's X.509 certificate?
A. User's public key, object identifiers, and the location of the user's electronic identity. B. User's public key, the CA (Certificate Authority) distinguished name, and the type of symmetric algorithm used for encryption. C. User's public key, the certificate's serial number, and the certificate's validity dates. D. User's public key, the serial number of the CA (Certificate Authority) certificate, and the CRL (Certificate Revocation List) entry point. |
C
|
|
|
399. Which of the following is an asymmetric cryptographic algorithm?
A. AES B. El Gamal C. IDEA D. DES |
B
|
|
|
1. Message authentication codes are used to provide which service?
A. Integrity B. Fault recovery C. Key recovery D. Acknowledgement |
A
|
|
|
44. Which two of the following are symmetric-key algorithms used for encryption?
A. Stream-cipher B. Block C. Public D. Secret |
A, B
|
|
|
48. User A needs to send a private e-mail to User B. User A does not want anyone to have the ability to read the e-mail except for User B, thus retaining privacy.
Which tenet of information security is User A concerned about? A. Authentication B. Integrity C. Confidentiality D. Non-repudiation |
C
|
|
|
57. Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies.
What type of encryption is it from the list below? A. WTLS B. Symmetric C. Multifactor D. Asymmetric |
B
|
|
|
61. Which of the following describes the concept of data integrity?
A. A means of determining what resources a user can use and view. B. A method of security that ensures all data is sequenced, and numbered. C. A means of minimizing vulnerabilities of assets and resources. D. A mechanism applied to indicate a data's level of security. |
B
|
|
|
81. As the Security Analyst for your companies network, you want to implement AES. What algorithm will it use?
A. Rijndael B. Nagle C. Spanning Tree D. PKI |
A
|
|
|
83. Asymmetric cryptography ensures that:
A. Encryption and authentication can take place without sharing private keys. B. Encryption of the secret key is performed with the fastest algorithm available. C. Encryption occurs only when both parties have been authenticated. D. Encryption factoring is limited to the session key. |
A
|
|
|
168. How many bits are employed when using hash encryption?
A. 32 B. 64 C. 128 D. 256 |
C
|
