Question 1

What is a certificate?

Accepted Answer

A) A certificate used to encrypt a message in PKI 
B) A method of certifying the strength of an encryption key 
C) A digital document that is used to verify the owner's identity 
D) A certificate used in changing the key strength in PKI 
A) A certificate used to encrypt a message in PKI 
B) A method of certifying the strength of an encryption key 
C) A digital document that is used to verify the owner's identity 
D) A certificate used in changing the key strength in PKI C

Question 2

WEP is sometimes used to secure a wireless connection.What are the security issues related to WEP?

Accepted Answer

1-The secret key is only 40 bits long,and is easy to crack.2-128-bit WEP2 keys are almost equally vulnerable.3-Many wireless network implementations do not come with WEP enabled.

Question 3

The Certificate Authority is responsible for issuing,storing,and revoking certificates.

Accepted Answer

A) True 
 B)False  True

Question 4

The current version of S/MIME is version 2.

Accepted Answer

A) True 
 B)False

Question 5

What is CMP?

Accepted Answer

A) This protocol defines the messages and operations required to provide certificate management services 
B) An encryption protocol used to verify a key length 
C) An application that decrypts encrypted e-mail 
D) A common message protocol that is used in e-mail 
A) This protocol defines the messages and operations required to provide certificate management services 
B) An encryption protocol used to verify a key length 
C) An application that decrypts encrypted e-mail 
D) A common message protocol that is used in e-mail

Question 6

WEP has all of the following weaknesses of EXCEPT:

Accepted Answer

A) The secret key is only 40 bits long. 
B) It is susceptible to collision attacks. 
C) Even the 128 bit version is vulnerable. 
D) Many wireless implementations do not come with WEP enabled. 
A) The secret key is only 40 bits long. 
B) It is susceptible to collision attacks. 
C) Even the 128 bit version is vulnerable. 
D) Many wireless implementations do not come with WEP enabled.

Question 7

_______________ provides a method for implementing a key exchange protocol and for negotiating a security policy.

Accepted Answer

Internet Security As

Question 8

What is PKIX?

Accepted Answer

A) One of the standards used in implementing a public key infrastructure 
B) A method of private cryptography used by the military 
C) A method of encrypting e-mail from the IRS 
D) The method of encryption that uses a 40 bit encryption key 
A) One of the standards used in implementing a public key infrastructure 
B) A method of private cryptography used by the military 
C) A method of encrypting e-mail from the IRS 
D) The method of encryption that uses a 40 bit encryption key

Question 9

Pretty good privacy (or PGP)is

Accepted Answer

A) A privacy group that fights against the government 
B) A common encryption method for e-mail 
C) A password management system 
D) A method of security an operating system kernel 
A) A privacy group that fights against the government 
B) A common encryption method for e-mail 
C) A password management system 
D) A method of security an operating system kernel

Question 10

_______________ allows the encapsulation of one packet inside another to hide the original packet.

Accepted Answer

The answer of _______________ allows the encapsulation of one packet...

Question 11

The "S" in HTTPS signifies the protocol used when opening multiple web pages simultaneously.

Accepted Answer

A) True 
 B)False

Question 12

What function does Tier 1of the XML protocol service,based on the client requests and application requirements,perform?

Accepted Answer

A) It locates the appropriate key information for the client 
B) Performs a data validation on a portion of the key 
C) Automatically updates the firewall installed on the user's computer 
D) Updates the cryptographic algorithms for the S/MIME 
A) It locates the appropriate key information for the client 
B) Performs a data validation on a portion of the key 
C) Automatically updates the firewall installed on the user's computer 
D) Updates the cryptographic algorithms for the S/MIME

Question 13

List and define 5 of the 12 sections detailed by the ISO/IEC 27002 Standard.

Accepted Answer

Risk assessment-Determine the impact of

Question 14

What are the documents developed by the government to aid in the development of a standard for use in areas such as security or system interoperability?

Accepted Answer

A) FES,Federal encryption standards 
B) FIPS,Federal Information Processing Standards 
C) FIRE,Federal information regulation enterprise 
D) FIES,Federal information and encryption standards 
A) FES,Federal encryption standards 
B) FIPS,Federal Information Processing Standards 
C) FIRE,Federal information regulation enterprise 
D) FIES,Federal information and encryption standards

Question 15

What is Internet Security Association and Key Management ISAKMP?

Accepted Answer

A) A method for implementing a key exchange protocol and for negotiating a security policy 
B) The name of the a organization that creates the encryption keys 
C) A protocol to encrypt e-mail 
D) A program that creates random numbers used in encryption keys 
A) A method for implementing a key exchange protocol and for negotiating a security policy 
B) The name of the a organization that creates the encryption keys 
C) A protocol to encrypt e-mail 
D) A program that creates random numbers used in encryption keys

Question 16

Certificates that should no longer be used due to compromise should be

Accepted Answer

A) Deleted 
B) Moved to a different computer 
C) Revoked 
D) Removed 
A) Deleted 
B) Moved to a different computer 
C) Revoked 
D) Removed

Question 17

What is Certificate Authority?

Accepted Answer

A) A third party that issues digital certificates 
B) A auditing firm that ensures encryption security 
C) A certified professional that audits systems for security 
D) A third party that encrypts information for people 
A) A third party that issues digital certificates 
B) A auditing firm that ensures encryption security 
C) A certified professional that audits systems for security 
D) A third party that encrypts information for people

Question 18

What is PKCS?

Accepted Answer

A) One of the standards used in implementing a public key infrastructure 
B) A method of private cryptography used by the military 
C) A method of encrypting e-mail from the IRS 
D) The method of encryption that used a 40 bit encryption key 
A) One of the standards used in implementing a public key infrastructure 
B) A method of private cryptography used by the military 
C) A method of encrypting e-mail from the IRS 
D) The method of encryption that used a 40 bit encryption key

Question 19

_______________ is a message specification extension to the MIME standard,used to provide a way to send and receive signed and encrypted MIME data.

Accepted Answer

The answer of _______________ is a message specification extension to...

Question 20

SSL provides secure connections for web transfers using encryption.

Accepted Answer

A) True 
 B)False

Exam 7: Standards and Protocols

What is a certificate?

WEP is sometimes used to secure a wireless connection.What are the security issues related to WEP?

The Certificate Authority is responsible for issuing,storing,and revoking certificates.

The current version of S/MIME is version 2.

What is CMP?

WEP has all of the following weaknesses of EXCEPT:

_______________ provides a method for implementing a key exchange protocol and for negotiating a security policy.

What is PKIX?

Pretty good privacy (or PGP)is

_______________ allows the encapsulation of one packet inside another to hide the original packet.

The "S" in HTTPS signifies the protocol used when opening multiple web pages simultaneously.

What function does Tier 1of the XML protocol service,based on the client requests and application requirements,perform?

List and define 5 of the 12 sections detailed by the ISO/IEC 27002 Standard.

What are the documents developed by the government to aid in the development of a standard for use in areas such as security or system interoperability?

What is Internet Security Association and Key Management ISAKMP?

Certificates that should no longer be used due to compromise should be

What is Certificate Authority?

What is PKCS?

_______________ is a message specification extension to the MIME standard,used to provide a way to send and receive signed and encrypted MIME data.

SSL provides secure connections for web transfers using encryption.

Introduction and Security Trends

General Security Concepts

Operational-Organizational Security

The Role of People in Security

Cryptography

Public Key Infrastructure

Physical Security

Network Fundamentals

Infrastructure Security

Authentication and Remote Access

Wireless

Intrusion Detection Systems and Network Security

Baselines

Types of Attacks and Malicious Software

E-Mail and Instant Messaging

Web Components

Secure Software Development

Disaster Recovery, Business Continuity, and Organizational Policies

Risk Management

Change Management

Privilege Management

Computer Forensics

Legal Issues and Ethics

Privacy

Filters