Exam 8: Secure Programming With C and Openssl

OpenSSL provides the APIs ____ for Base64 decoding.

The standard organization ____ has been developing a standard for transport layer security based on SSL, and the result is TLS version 1.

Certificate revocation is done in OpenSSL by using the ca command with the -____ option.

____________________ helps to insure the security and portability of the code, and it usually requires that the programmer explicitly define the types of each object in a program.

The OpenSSL command-line tool executable is called ____ on Windows.

The strlen function should only be used when '\0' terminated string is guaranteed.

C/C++ developers must do their own memory management using the standard APIs malloc(), alloc(), realloc(), free(), new() and ____ .

Why are most high-level programming languages essentially immune to buffer overflow problems?

Most block ciphers are constructed by composing several simpler functions. These ciphers are called iterated block ciphers or ____ ciphers.

____ is a symmetric key-encryption technique that will replace the commonly used DES standard.

____ is a popular software program that uses encryption techniques to encrypt and digitally sign e-mail.

A language is ____ typed if it enforces type abstractions where operations can be applied only to objects of the appropriate type.

How does hashing work?

____________________ is a specific type of stack overrun attack where the goal is to overwrite the return address of subroutines on the stack.

____ are usually used in conjunction with nonsecret parameters to derive one or more keys from a common secret value.

How can you revoke a certificate in OpenSSL?

____ is a protocol that provides a secure channel between two systems.

Why is it hard to write secure code with C?

The ____ command is a PKCS#10 certificate request and certificate generating utility.