Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 12: Advanced Cryptography

Full screen (f)
exit full mode
Question
A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates.

A) RA
B) DA
C) CA
D) PA
Use Space or
up arrow
down arrow
to flip the card.
Question
The ____ model is the basis for digital certificates issued to Internet users.

A) third-party trust
B) related trust
C) managed trust
D) distributed trust
Question
____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.

A) Personal digital
B) Public digital
C) Private digital
D) Server digital
Question
A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party.

A) web of
B) mutual
C) third-party
D) distributed
Question
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
Question
____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it.

A) Symmetric encryption
B) Private encryption
C) Asymmetric encryption
D) Elliptic encryption
Question
With the ____ model, there is one CA that acts as a "facilitator" to interconnect all other CAs.

A) bridge trust
B) distributed trust
C) third-party trust
D) transitive trust
Question
At the ____ stage of the certificate life cycle, the certificate can no longer be used.

A) creation
B) suspension
C) revocation
D) expiration
Question
____ can protect the confidentiality of an e-mail message by ensuring that no one has read it.

A) Public encryption
B) Standard encryption
C) Asymmetric encryption
D) Symmetric encryption
Question
Digital certificates cannot be used to identify objects other than users.
Question
____ involves public-key cryptography standards, trust models, and key management.

A) Public key infrastructure
B) Network key infrastructure
C) Private key infrastructure
D) Shared key infrastructure
Question
Security tools function at the same layer of the Open System Interconnection (OSI) model.
Question
The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.

A) DP
B) CP
C) LP
D) AP
Question
The ____ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.

A) Registration Authority
B) Certificate Authority
C) Repudiation Authority
D) Intermediate Authority
Question
Cryptography cannot protect data as it is being transported across a network.
Question
Digital signatures actually only show that the public key labeled as belonging to person was used to encrypt the digital signature.
Question
____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.

A) Blocking
B) Hashing
C) Encrypting
D) Cloning
Question
The primary function of a(n) ____ is to verify the identity of the individual.

A) RA
B) CA
C) DA
D) PA
Question
____ certificates are frequently used to secure e-mail transmissions and typically only require the user's name and e-mail address in order to receive this certificate.

A) Private digital
B) Personal digital
C) Public digital
D) Server digital
Question
A class 2 certificate is known as a ____ certificate.

A) signing digital
B) server digital
C) personal digital
D) code-signing
Question
List three general duties of a CA.
Question
____________________ may be defined as confidence in or reliance on another person or entity.
Question
List the three PKI trust models that use a CA.
Question
At the ____ stage of the certificate life cycle, the certificate is no longer valid.

A) creation
B) suspension
C) revocation
D) expiration
Question
List the four stages of a certificate life cycle.
Question
Key ____________________ dates prevent an attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time.
Question
____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions.

A) SFTP
B) SHTTP
C) HTTPS
D) Telnets
Question
Explain the difference between key revocation versus key suspension.
Question
Explain how digital certificates are managed.
Question
List two requirements for verification of an EV SSL.
Question
List three pieces of information a digital certificate typically contains.
Question
TLS is an extension of ____.

A) Telnet
B) HTTP
C) SSL
D) FTP
Question
Key ____ removes all private and public keys along with the user's identification information in the CA.

A) renewal
B) escrow
C) generation
D) destruction
Question
In SSH, the ____________________ command allows a user to log on to a remote computer.
Question
Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA.

A) escrow
B) destruction
C) renewal
D) management
Question
In SSH, the ____________________ command allows a user to copy files between remote computers.
Question
A(n) ____________________ trust model can be used in an organization where one CA is responsible for only the digital certificates for that organization.
Question
____ is a protocol developed by Netscape for securely transmitting documents over the Internet.

A) SSL
B) TLS
C) PEAP
D) EAP
Question
Identify the general duties of an RA.
Question
Discuss the three areas of protection that are provided by IPsec.
Question
List and describe the entities for which IPsec is transparent.
Question
Match between columns
Premises:
Responses:
A published set of rules that govern the operation of a PKI
Digital certificate
A published set of rules that govern the operation of a PKI
SSH
A published set of rules that govern the operation of a PKI
CR
A published set of rules that govern the operation of a PKI
PKCS
A published set of rules that govern the operation of a PKI
CP
A published set of rules that govern the operation of a PKI
CPS
A published set of rules that govern the operation of a PKI
IPsec
A published set of rules that govern the operation of a PKI
Transport mode
A published set of rules that govern the operation of a PKI
Tunnel mode
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
Digital certificate
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
SSH
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
CR
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
PKCS
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
CP
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
CPS
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
IPsec
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
Transport mode
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
Tunnel mode
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Digital certificate
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
SSH
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
CR
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
PKCS
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
CP
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
CPS
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
IPsec
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Transport mode
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Tunnel mode
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
Digital certificate
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
SSH
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
CR
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
PKCS
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
CP
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
CPS
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
IPsec
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
Transport mode
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
Tunnel mode
A set of protocols developed to support the secure exchange of packets
Digital certificate
A set of protocols developed to support the secure exchange of packets
SSH
A set of protocols developed to support the secure exchange of packets
CR
A set of protocols developed to support the secure exchange of packets
PKCS
A set of protocols developed to support the secure exchange of packets
CP
A set of protocols developed to support the secure exchange of packets
CPS
A set of protocols developed to support the secure exchange of packets
IPsec
A set of protocols developed to support the secure exchange of packets
Transport mode
A set of protocols developed to support the secure exchange of packets
Tunnel mode
Encrypts both the header and the data portion
Digital certificate
Encrypts both the header and the data portion
SSH
Encrypts both the header and the data portion
CR
Encrypts both the header and the data portion
PKCS
Encrypts both the header and the data portion
CP
Encrypts both the header and the data portion
CPS
Encrypts both the header and the data portion
IPsec
Encrypts both the header and the data portion
Transport mode
Encrypts both the header and the data portion
Tunnel mode
A numbered set of PKI standards that have been defined by the RSA Corporation
Digital certificate
A numbered set of PKI standards that have been defined by the RSA Corporation
SSH
A numbered set of PKI standards that have been defined by the RSA Corporation
CR
A numbered set of PKI standards that have been defined by the RSA Corporation
PKCS
A numbered set of PKI standards that have been defined by the RSA Corporation
CP
A numbered set of PKI standards that have been defined by the RSA Corporation
CPS
A numbered set of PKI standards that have been defined by the RSA Corporation
IPsec
A numbered set of PKI standards that have been defined by the RSA Corporation
Transport mode
A numbered set of PKI standards that have been defined by the RSA Corporation
Tunnel mode
Describes in detail how the CA uses and manages certificates
Digital certificate
Describes in detail how the CA uses and manages certificates
SSH
Describes in detail how the CA uses and manages certificates
CR
Describes in detail how the CA uses and manages certificates
PKCS
Describes in detail how the CA uses and manages certificates
CP
Describes in detail how the CA uses and manages certificates
CPS
Describes in detail how the CA uses and manages certificates
IPsec
Describes in detail how the CA uses and manages certificates
Transport mode
Describes in detail how the CA uses and manages certificates
Tunnel mode
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/42
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 12: Advanced Cryptography
1
A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates.

A) RA
B) DA
C) CA
D) PA
C
2
The ____ model is the basis for digital certificates issued to Internet users.

A) third-party trust
B) related trust
C) managed trust
D) distributed trust
D
3
____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.

A) Personal digital
B) Public digital
C) Private digital
D) Server digital
D
4
A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party.

A) web of
B) mutual
C) third-party
D) distributed
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
5
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
6
____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it.

A) Symmetric encryption
B) Private encryption
C) Asymmetric encryption
D) Elliptic encryption
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
7
With the ____ model, there is one CA that acts as a "facilitator" to interconnect all other CAs.

A) bridge trust
B) distributed trust
C) third-party trust
D) transitive trust
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
8
At the ____ stage of the certificate life cycle, the certificate can no longer be used.

A) creation
B) suspension
C) revocation
D) expiration
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
9
____ can protect the confidentiality of an e-mail message by ensuring that no one has read it.

A) Public encryption
B) Standard encryption
C) Asymmetric encryption
D) Symmetric encryption
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
10
Digital certificates cannot be used to identify objects other than users.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
11
____ involves public-key cryptography standards, trust models, and key management.

A) Public key infrastructure
B) Network key infrastructure
C) Private key infrastructure
D) Shared key infrastructure
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
12
Security tools function at the same layer of the Open System Interconnection (OSI) model.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
13
The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.

A) DP
B) CP
C) LP
D) AP
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
14
The ____ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.

A) Registration Authority
B) Certificate Authority
C) Repudiation Authority
D) Intermediate Authority
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
15
Cryptography cannot protect data as it is being transported across a network.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
16
Digital signatures actually only show that the public key labeled as belonging to person was used to encrypt the digital signature.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
17
____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.

A) Blocking
B) Hashing
C) Encrypting
D) Cloning
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
18
The primary function of a(n) ____ is to verify the identity of the individual.

A) RA
B) CA
C) DA
D) PA
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
19
____ certificates are frequently used to secure e-mail transmissions and typically only require the user's name and e-mail address in order to receive this certificate.

A) Private digital
B) Personal digital
C) Public digital
D) Server digital
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
20
A class 2 certificate is known as a ____ certificate.

A) signing digital
B) server digital
C) personal digital
D) code-signing
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
21
List three general duties of a CA.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
22
____________________ may be defined as confidence in or reliance on another person or entity.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
23
List the three PKI trust models that use a CA.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
24
At the ____ stage of the certificate life cycle, the certificate is no longer valid.

A) creation
B) suspension
C) revocation
D) expiration
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
25
List the four stages of a certificate life cycle.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
26
Key ____________________ dates prevent an attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
27
____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions.

A) SFTP
B) SHTTP
C) HTTPS
D) Telnets
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
28
Explain the difference between key revocation versus key suspension.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
29
Explain how digital certificates are managed.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
30
List two requirements for verification of an EV SSL.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
31
List three pieces of information a digital certificate typically contains.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
32
TLS is an extension of ____.

A) Telnet
B) HTTP
C) SSL
D) FTP
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
33
Key ____ removes all private and public keys along with the user's identification information in the CA.

A) renewal
B) escrow
C) generation
D) destruction
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
34
In SSH, the ____________________ command allows a user to log on to a remote computer.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
35
Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA.

A) escrow
B) destruction
C) renewal
D) management
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
36
In SSH, the ____________________ command allows a user to copy files between remote computers.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
37
A(n) ____________________ trust model can be used in an organization where one CA is responsible for only the digital certificates for that organization.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
38
____ is a protocol developed by Netscape for securely transmitting documents over the Internet.

A) SSL
B) TLS
C) PEAP
D) EAP
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
39
Identify the general duties of an RA.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
40
Discuss the three areas of protection that are provided by IPsec.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
41
List and describe the entities for which IPsec is transparent.
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
42
Match between columns
Premises:
Responses:
A published set of rules that govern the operation of a PKI
Digital certificate
A published set of rules that govern the operation of a PKI
SSH
A published set of rules that govern the operation of a PKI
CR
A published set of rules that govern the operation of a PKI
PKCS
A published set of rules that govern the operation of a PKI
CP
A published set of rules that govern the operation of a PKI
CPS
A published set of rules that govern the operation of a PKI
IPsec
A published set of rules that govern the operation of a PKI
Transport mode
A published set of rules that govern the operation of a PKI
Tunnel mode
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
Digital certificate
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
SSH
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
CR
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
PKCS
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
CP
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
CPS
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
IPsec
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
Transport mode
A technology used to associate a user's identity to a public key that has been "digitally signed" by a trusted third party
Tunnel mode
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Digital certificate
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
SSH
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
CR
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
PKCS
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
CP
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
CPS
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
IPsec
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Transport mode
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Tunnel mode
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
Digital certificate
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
SSH
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
CR
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
PKCS
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
CP
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
CPS
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
IPsec
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
Transport mode
Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
Tunnel mode
A set of protocols developed to support the secure exchange of packets
Digital certificate
A set of protocols developed to support the secure exchange of packets
SSH
A set of protocols developed to support the secure exchange of packets
CR
A set of protocols developed to support the secure exchange of packets
PKCS
A set of protocols developed to support the secure exchange of packets
CP
A set of protocols developed to support the secure exchange of packets
CPS
A set of protocols developed to support the secure exchange of packets
IPsec
A set of protocols developed to support the secure exchange of packets
Transport mode
A set of protocols developed to support the secure exchange of packets
Tunnel mode
Encrypts both the header and the data portion
Digital certificate
Encrypts both the header and the data portion
SSH
Encrypts both the header and the data portion
CR
Encrypts both the header and the data portion
PKCS
Encrypts both the header and the data portion
CP
Encrypts both the header and the data portion
CPS
Encrypts both the header and the data portion
IPsec
Encrypts both the header and the data portion
Transport mode
Encrypts both the header and the data portion
Tunnel mode
A numbered set of PKI standards that have been defined by the RSA Corporation
Digital certificate
A numbered set of PKI standards that have been defined by the RSA Corporation
SSH
A numbered set of PKI standards that have been defined by the RSA Corporation
CR
A numbered set of PKI standards that have been defined by the RSA Corporation
PKCS
A numbered set of PKI standards that have been defined by the RSA Corporation
CP
A numbered set of PKI standards that have been defined by the RSA Corporation
CPS
A numbered set of PKI standards that have been defined by the RSA Corporation
IPsec
A numbered set of PKI standards that have been defined by the RSA Corporation
Transport mode
A numbered set of PKI standards that have been defined by the RSA Corporation
Tunnel mode
Describes in detail how the CA uses and manages certificates
Digital certificate
Describes in detail how the CA uses and manages certificates
SSH
Describes in detail how the CA uses and manages certificates
CR
Describes in detail how the CA uses and manages certificates
PKCS
Describes in detail how the CA uses and manages certificates
CP
Describes in detail how the CA uses and manages certificates
CPS
Describes in detail how the CA uses and manages certificates
IPsec
Describes in detail how the CA uses and manages certificates
Transport mode
Describes in detail how the CA uses and manages certificates
Tunnel mode
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 42 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree