Review Questions

1. 

What is the process of deriving a key from a mathematical process called?

  1. Hashing

  2. Asymmetric

  3. Symmetric

  4. Social engineering

A. Hashing algorithms are used to derive a key from a message or word.

2. 

An encryption system that requires the use of the same private key on both ends of a system is what type of encryption system?

  1. Hashing

  2. Asymmetric

  3. Symmetric

  4. MD

C. Symmetric systems require that both ends use the same private key.

3. 

What is the encryption system that uses the Heisenberg Uncertainty Principle for integrity called?

  1. Asymmetric

  2. Symmetric

  3. Physical

  4. Quantum

D. Quantum cryptography is based upon changing the polarity of the photon. This makes the process of interception difficult, as any attempt to intercept the message changes the value of the message.

4. 

What is the process of sending a key using a method other than the encryption process called?

  1. Social engineering

  2. Out-of-band transmittal

  3. Certificate management

  4. Message digest

B. Out-of-band transmittal of a key is used to avoid sending a key through the encrypted channel. This might be used in the situation where a private key must be sent to use a symmetric system.

5. 

A PKC is used to accomplish which function?

  1. Secure transmittal of public keys

  2. Secure transmittal of private keys

  3. End-to-end data security

  4. Uses two different keys for encryption and decryption

D. Public Key Cryptography (PKC) uses two different keys to encrypt and decrypt a message. One of the keys is a private key; the other is a public key. Both keys are derived from the same algorithm.

6. 

Which of the following is not used for cryptography?

  1. Confidentiality

  2. Authenticity

  3. Integrity

  4. Access

D. Cryptographic systems are designed to ensure confidentiality, authenticity, and integrity.

7. 

MAC is an acronym for what as it relates to cryptography?

  1. Media access control

  2. Mandatory access control

  3. Message authentication code

  4. Multiple advisory committees

C. A MAC is a method of verifying integrity of an encrypted message. The MAC is derived from the message and the key.

8. 

What term is used to describe the inability of a sender to deny the sending of a message?

  1. Integrity

  2. Non-repudiation

  3. Authenticity

  4. Confidentiality

B. Non-repudiation is a requirement for many cryptographic applications. The sender or receiver, using an electronic signature, cannot repudiate a message.

9. 

Which of the following terms refers to the prevention of unauthorized disclosure of keys?

  1. Authentication

  2. Integrity

  3. Access control

  4. Non-repudiation

C. Access control refers to the process of ensuring that sensitive keys are not divulged to unauthorized personnel.

10. 

Which term identifies the standard being used to implement wide-scale encryption systems?

  1. PKE

  2. PKI

  3. Symmetric

  4. Asymmetric

B. PKI is a widely implemented cryptographic system. PKI is being used extensively by corporations, government, and individuals. PKI is based partially on a PKE philosophy.

11. 

What is the primary organization for maintaining certificates called?

  1. CA

  2. RA

  3. LRA

  4. CRL

A. A Certificate Authority (CA) is responsible for maintaining certificates in the PKI environment.

12. 

Which term describes the organization that can assist in the PKI certificate process?

  1. CA

  2. RA

  3. CRL

  4. SM

B. A Registration Authority can offload some of the work from a CA. RAs do not issue certificates, but they can serve as a middleman in the process.

13. 

Which organization can be used to identify an individual for certificate issue in a PKI environment?

  1. RA

  2. LRA

  3. PKE

  4. SHA

B. An LRA can establish the identity and verify to the CA that an applicant for a certificate is valid. The LRA sends verification to the CA that issues the certificate.

14. 

What is the most common certificate format used in the PKI environment?

  1. X.509

  2. X.508

  3. PKE

  4. RSA

A. The X.509 certificate is the most commonly used certificate in the PKI environment.

15. 

What document describes how a CA issues certificates and what they are used for?

  1. Certificate policies

  2. Certificate practices

  3. Revocation authority

  4. CRL

A. The certificate policies define what certificates can be used for.

16. 

Certification revocation is facilitated using which tool?

  1. CRL

  2. ACS

  3. CRC

  4. CP

A. The CRL is generated by the CA, and it identifies which certificates have been revoked.

17. 

The CRL takes time to be fully disseminated. Which protocol allows a certificate's authenticity to be immediately verified?

  1. CA

  2. CP

  3. CRC

  4. OCSP

D. OCSP can be used to immediately verify a certificate's authenticity.

18. 

What is the PKI trust model that allows for trust between two or more root CA systems called?

  1. Bridge

  2. Tree

  3. Hierarchy

  4. Full-trust model

A. Bridging allows two root CA systems to communicate and validate against each other.

19. 

An attack that is based on the statistical probability of a match in a key base is referred to as what?

  1. Birthday attack

  2. DoS attack

  3. Weak key attack

  4. Smurf attack

A. Birthday attacks are based on the statistical likelihood of a match. As the key length grows, the probability of a match decreases.

20. 

What do you call an attack that exploits the likelihood of a common password being used?

  1. Birthday attack

  2. Mathematical attack

  3. Man in the middle attack

  4. Weak key attack

D. Weak key attacks exploit the common passwords used in many systems. This vulnerability can be minimized by enforcing strict password guidelines.

Answers

1. 

A. Hashing algorithms are used to derive a key from a message or word.

2. 

C. Symmetric systems require that both ends use the same private key.

3. 

D. Quantum cryptography is based upon changing the polarity of the photon. This makes the process of interception difficult, as any attempt to intercept the message changes the value of the message.

4. 

B. Out-of-band transmittal of a key is used to avoid sending a key through the encrypted channel. This might be used in the situation where a private key must be sent to use a symmetric system.

5. 

D. Public Key Cryptography (PKC) uses two different keys to encrypt and decrypt a message. One of the keys is a private key; the other is a public key. Both keys are derived from the same algorithm.

6. 

D. Cryptographic systems are designed to ensure confidentiality, authenticity, and integrity.

7. 

C. A MAC is a method of verifying integrity of an encrypted message. The MAC is derived from the message and the key.

8. 

B. Non-repudiation is a requirement for many cryptographic applications. The sender or receiver, using an electronic signature, cannot repudiate a message.

9. 

C. Access control refers to the process of ensuring that sensitive keys are not divulged to unauthorized personnel.

10. 

B. PKI is a widely implemented cryptographic system. PKI is being used extensively by corporations, government, and individuals. PKI is based partially on a PKE philosophy.

11. 

A. A Certificate Authority (CA) is responsible for maintaining certificates in the PKI environment.

12. 

B. A Registration Authority can offload some of the work from a CA. RAs do not issue certificates, but they can serve as a middleman in the process.

13. 

B. An LRA can establish the identity and verify to the CA that an applicant for a certificate is valid. The LRA sends verification to the CA that issues the certificate.

14. 

A. The X.509 certificate is the most commonly used certificate in the PKI environment.

15. 

A. The certificate policies define what certificates can be used for.

16. 

A. The CRL is generated by the CA, and it identifies which certificates have been revoked.

17. 

D. OCSP can be used to immediately verify a certificate's authenticity.

18. 

A. Bridging allows two root CA systems to communicate and validate against each other.

19. 

A. Birthday attacks are based on the statistical likelihood of a match. As the key length grows, the probability of a match decreases.

20. 

D. Weak key attacks exploit the common passwords used in many systems. This vulnerability can be minimized by enforcing strict password guidelines.



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167
