Question 1

A(n)_______________ certificate is used when independent CAs establish peer-to-peer trust relationships.

Accepted Answer

cross-certification

Question 2

A(n)_______________ is a construct of systems,personnel,applications,protocols,technologies,and policies that work together to provide a certain level of protection.

Accepted Answer

trust domain

Question 3

If the root CA's private key were compromised,what would happen?

Accepted Answer

A) Subordinate CAs and end users would be unaffected. 
B) Subordinate CAs would also be compromised,but users would be unaffected. 
C) Subordinate CAs and end users would be affected. 
D) Only the root CA would be affected. 
A) Subordinate CAs and end users would be unaffected. 
B) Subordinate CAs would also be compromised,but users would be unaffected. 
C) Subordinate CAs and end users would be affected. 
D) Only the root CA would be affected. C

Question 4

Why construct and implement a PKI?

Accepted Answer

A) To eliminate certificate authorities 
B) To provide identification to individuals and ensure availability 
C) To provide a higher level of trust than can be obtained through other applications and protocols 
D) To enable a centralized directory in which to store the registered certificate and distribute private keys to users requesting them 
A) To eliminate certificate authorities 
B) To provide identification to individuals and ensure availability 
C) To provide a higher level of trust than can be obtained through other applications and protocols 
D) To enable a centralized directory in which to store the registered certificate and distribute private keys to users requesting them

Question 5

_______________ is the standard used for creating and formatting certificates.

Accepted Answer

The answer of _______________ is the standard used for creating...

Question 6

The term used to describe a centralized directory that can be accessed by a subset of individuals is _______________

Accepted Answer

certificat

Question 7

What are the different fields within a digital certificate?

Accepted Answer

A) Version number,subject,public key,issuer,serial number,validity,certificate usage,signature algorithm,and extensions 
B) Key encipherment,data encipherment,CRL sign,keycert sign,and nonrepudiation 
C) End-entity,CA,cross-certification,and policy certification 
D) CA identity,individual or party identification,company,and destination 
A) Version number,subject,public key,issuer,serial number,validity,certificate usage,signature algorithm,and extensions 
B) Key encipherment,data encipherment,CRL sign,keycert sign,and nonrepudiation 
C) End-entity,CA,cross-certification,and policy certification 
D) CA identity,individual or party identification,company,and destination

Question 8

Which of the following reasons would be appropriate for a certificate suspension rather than revocation?

Accepted Answer

A) All keys are compromised. 
B) Changed affiliation. 
C) An extended vacation. 
D) The certificate is no longer needed,but no reason exists to suspect that it has been compromised. 
A) All keys are compromised. 
B) Changed affiliation. 
C) An extended vacation. 
D) The certificate is no longer needed,but no reason exists to suspect that it has been compromised.

Question 9

What is a digital certificate?

Accepted Answer

A) It's a means of establishing the validity of an offer from a person,entity,web site or e-mail. 
B) It's a centralized directory wherein registered keys are created and stored. 
C) It's a means of establishing your credentials electronically when doing business or other transactions on the Web 
D) It's an entity that generates electronic credentials and distributes them upon proving their identity sufficiently. 
A) It's a means of establishing the validity of an offer from a person,entity,web site or e-mail. 
B) It's a centralized directory wherein registered keys are created and stored. 
C) It's a means of establishing your credentials electronically when doing business or other transactions on the Web 
D) It's an entity that generates electronic credentials and distributes them upon proving their identity sufficiently.

Question 10

A trust domain is defined as

Accepted Answer

A) The agreed upon,trusted third party 
B) A scenario where one user needs to validate the other's certificate 
C) A construct of systems,personnel,applications,protocols,technologies and policies that work together to provide a certain level of protection 
D) A scenario in which the certificate's issuer and subject fields hold the same information 
A) The agreed upon,trusted third party 
B) A scenario where one user needs to validate the other's certificate 
C) A construct of systems,personnel,applications,protocols,technologies and policies that work together to provide a certain level of protection 
D) A scenario in which the certificate's issuer and subject fields hold the same information

Question 11

How is an outsourced CA different from a public CA?

Accepted Answer

A) The CA is implemented,maintained,and controlled by the company that implemented it. 
B) The CA is already established and being used by many individuals and companies. 
C) The CA provides more flexibility for companies. 
D) It provides dedicated services,and possibly equipment,to an individual company. 
A) The CA is implemented,maintained,and controlled by the company that implemented it. 
B) The CA is already established and being used by many individuals and companies. 
C) The CA provides more flexibility for companies. 
D) It provides dedicated services,and possibly equipment,to an individual company.

Question 12

When a person loses a laptop that had a private key stored on it,that person should request a revocation of the related certificate.

Accepted Answer

A) True 
 B)False

Question 13

The list of serial numbers of certificates that have been revoked is called the _______________.

Accepted Answer

certificat

Question 14

What is a certificate authority?

Accepted Answer

A) An entity that requires proof of identity from the individual requesting a certificate 
B) An entity that generates a digitally signed identification certificate 
C) A centralized directory in which the registered certificate is stored 
D) An entity that generates electronic credentials 
A) An entity that requires proof of identity from the individual requesting a certificate 
B) An entity that generates a digitally signed identification certificate 
C) A centralized directory in which the registered certificate is stored 
D) An entity that generates electronic credentials

Question 15

What are centralized and decentralized infrastructures? Explain why you might choose one over the other.

Accepted Answer

In a decentralized approach,software on

Question 16

_______________ binds a public key to a known user through a trusted intermediary,typically a certificate authority.

Accepted Answer

Public key

Question 17

A process of giving keys to a third party so that they can decrypt and read sensitive information is

Accepted Answer

A) Key recovery 
B) Key escrow 
C) Key archiving system 
D) Private key protection 
A) Key recovery 
B) Key escrow 
C) Key archiving system 
D) Private key protection

Question 18

What is a certificate repository?

Accepted Answer

A) A directory that calculates a message digest for the certificate 
B) An entity that generates electronic credentials 
C) A directory that requires a centralized infrastructure 
D) A centralized directory in which the registered certificate is stored 
A) A directory that calculates a message digest for the certificate 
B) An entity that generates electronic credentials 
C) A directory that requires a centralized infrastructure 
D) A centralized directory in which the registered certificate is stored

Question 19

A digital certificate binds an individual's identity to a public key.

Accepted Answer

A) True 
 B)False

Question 20

Which of the following is a critical concept common to all PKIs?

Accepted Answer

A) Cryptographic hardware is required for PKI construction. 
B) The server that centrally stores the keys should not be available. 
C) The private key must be computer generated and centrally stored. 
D) Private keys must remain private. 
A) Cryptographic hardware is required for PKI construction. 
B) The server that centrally stores the keys should not be available. 
C) The private key must be computer generated and centrally stored. 
D) Private keys must remain private.

Exam 6: Public Key Infrastructure

A(n)_______________ certificate is used when independent CAs establish peer-to-peer trust relationships.

A(n)_______________ is a construct of systems,personnel,applications,protocols,technologies,and policies that work together to provide a certain level of protection.

If the root CA's private key were compromised,what would happen?

Why construct and implement a PKI?

_______________ is the standard used for creating and formatting certificates.

The term used to describe a centralized directory that can be accessed by a subset of individuals is _______________

What are the different fields within a digital certificate?

Which of the following reasons would be appropriate for a certificate suspension rather than revocation?

What is a digital certificate?

A trust domain is defined as

How is an outsourced CA different from a public CA?

When a person loses a laptop that had a private key stored on it,that person should request a revocation of the related certificate.

The list of serial numbers of certificates that have been revoked is called the _______________.

What is a certificate authority?

What are centralized and decentralized infrastructures? Explain why you might choose one over the other.

_______________ binds a public key to a known user through a trusted intermediary,typically a certificate authority.

A process of giving keys to a third party so that they can decrypt and read sensitive information is

What is a certificate repository?

A digital certificate binds an individual's identity to a public key.

Which of the following is a critical concept common to all PKIs?

Introduction and Security Trends

General Security Concepts

Operational-Organizational Security

The Role of People in Security

Cryptography

Standards and Protocols

Physical Security

Network Fundamentals

Infrastructure Security

Authentication and Remote Access

Wireless

Intrusion Detection Systems and Network Security

Baselines

Types of Attacks and Malicious Software

E-Mail and Instant Messaging

Web Components

Secure Software Development

Disaster Recovery, Business Continuity, and Organizational Policies

Risk Management

Change Management

Privilege Management

Computer Forensics

Legal Issues and Ethics

Privacy

Filters