CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [202]
a. RA
b. LRA
c. PKE
d. SHA
14. Kristin, from Payroll, has left the office on maternity leave and won’t return for at least six weeks. You’ve been instructed to suspend her key. Which of the following statements is true?
a. In order to be used, suspended keys must be revoked.
b. Suspended keys don’t expire.
c. Suspended keys can be reactivated.
d. Suspending keys is a bad practice.
15. What document describes how a CA issues certificates and what they are used for?
a. Certificate policies
b. Certificate practices
c. Revocation authority
d. CRL
16. After returning from a conference in Jamaica, your manager informs you that he has learned that law enforcement has the right, under subpoena, to conduct investigations using keys. He wants you to implement measures to make such an event run smoothly should it ever happen. What is the process of storing keys for use by law enforcement called?
a. Key escrow
b. Key archival
c. Key renewal
d. Certificate rollover
17. The CRL takes time to be fully disseminated. Which protocol allows a certificate’s authenticity to be immediately verified?
a. CA
b. CP
c. CRC
d. OCSP
18. Which set of specifications is designed to allow XML-based programs access to PKI services?
a. XKMS
b. XMLS
c. PKXMS
d. PKIXMLS
19. An attack that is based on the statistical probability of a match in a key base is referred to as what?
a. Birthday attack
b. DoS attack
c. Weak key attack
d. Smurf attack
20. A brainstorming session has been called. The moderator tells you to pull out a sheet of paper and write down your security concerns based on the technologies that your company uses. If your company uses public keys, what should you write as the primary security concern?
a. Privacy
b. Authenticity
c. Access control
d. Integrity
Answers to Review Questions
1. A. Hashing algorithms are used to derive an encrypted value from a message or word.
2. B. NIST is responsible for establishing the standards for general-purpose government encryption. NIST is also becoming involved in private-sector cryptography.
3. C. With asymmetric encryption, two keys are used—one to encode and the other to decode. The two keys are mathematical reciprocals of each other.
4. C. The Request for Comments (RFC) process allows all users and interested parties to comment on proposed standards for the Internet. The RFC editor manages the RFC process. The editor is responsible for cataloging, updating, and tracking RFCs through the process.
5. D. Nonrepudiation offers undisputable proof that a party was involved in an action.
6. A. TLS is a security protocol that uses SSL, and it allows the use of other security protocols.
7. C. A MAC as it relates to cryptography is a method of verifying the integrity of an encrypted message. The MAC is derived from the message and the key.
8. B. Key transmission is the largest problem from among the choices given. Transmitting private keys is a major concern. Private keys are typically transported using out-of-band methods to ensure security.
9. C. Access control refers to the process of ensuring that sensitive keys aren’t divulged to unauthorized personnel.
10. A. Proper key storage requires that the keys be physically stored in a secure environment. This may include using locked cabinets, hardened servers, and effective physical and administrative controls.
11. A. A certificate authority (CA) is responsible for maintaining certificates in the PKI environment.
12. C. A Certificate Revocation List (CRL) is created and distributed to all CAs to revoke a certificate or key.
13. B. A local registration authority (LRA) can establish an applicant’s identity and verify that the applicant for a certificate is valid. The LRA sends verification to the CA that issues the certificate.
14. C. Suspending keys is a good practice: It disables a key, making it unusable for a certain period of time. This can prevent the key from