Review Questions

1. Which of the following does not apply to a hashing algorithm?
A. One-way
B. Long key size
C. Variable-length input with fixed-length output
D. Collision resistance
2. During a training session, you want to impress upon users how serious security is
and, in particular, cryptography. To accomplish this, you want to give them as
much of an overview about the topic as possible. Which government agency
should you mention is primarily responsible for establishing government
standards involving cryptography for general-purpose government use?
A. NSA
B. NIST
C. IEEE
D. ITU
3. Which of the following is the most widely used asymmetric algorithm today?
A. RSA
B. AES
C. 3DES
D. SHA
4. You're a member of a consortium wanting to create a new standard that will
effectively end all spam. After years of meeting, the group has finally come across
a solution and now wants to propose it. The process of proposing a new standard
or method on the Internet is referred to by which acronym?
A. WBS
B. X.509
C. RFC
D. IEEE
5. Mary claims that she didn't make a phone call from her office to a competitor and
tell them about developments at her company. Telephone logs, however, show
that such a call was placed from her phone, and time clock records show that she
was the only person working at the time. What do these records provide?
A. Integrity
B. Confidentiality
C. Authentication
D. Nonrepudiation
6. Mercury Technical Solutions has been using SSL in a business-to-business
environment for a number of years. Despite the fact that there have been no
compromises in security, the new IT manager wants to use stronger security than
SSL can offer. Which of the following protocols is similar to SSL but offers the
ability to use additional security protocols?
A. TLS
B. SSH
C. RSH
D. X.509
7. MAC is an acronym for what as it relates to cryptography?
A. Media access control
B. Mandatory access control
C. Message authentication code
D. Multiple advisory committees
8. You've been brought in as a security consultant for a small bicycle manufacturing
firm. Immediately, you notice that they're using a centralized key-generating
process, and you make a note to dissuade them from that without delay. What
problem is created by using a centralized key-generating process?
A. Network security
B. Key transmission
C. Certificate revocation
D. Private key security
9. You need to encrypt your hard drive. Which of the following is the best choice?
A. DES
B. RSA
C. AES
D. SHA
10. As the head of IT for MTS, you're explaining some security concerns to a junior
administrator who has just been hired. You're trying to emphasize the need to
know what is important and what isn't. Which of the following is not a
consideration in key storage?
A. Environmental controls
B. Physical security
C. Hardened servers
D. Administrative controls
11. What is the primary organization for maintaining certificates called?
A. CA
B. RA
C. LRA
D. CRL
12. Due to a breach, a certificate must be permanently revoked and you don't want it
to ever be used again. What is often used to revoke a certificate?
A. CRA
B. CYA
C. CRL
D. PKI
13. Which organization can be used to identify an individual for certificate issue in a
PKI environment?
A. RA
B. LRA
C. PKE
D. SHA
14. Kristin from Payroll has left the office on maternity leave and won't return for at
least six weeks. You've been instructed to suspend her key. Which of the following
statements is true?
A. In order to be used, suspended keys must be revoked.
B. Suspended keys don't expire.
C. Suspended keys can be reactivated.
D. Suspending keys is a bad practice.
15. What document describes how a CA issues certificates and for what they are
used?
A. Certificate policies
B. Certificate practices
C. Revocation authority
D. CRL
16. After returning from a conference, your manager informs you that he has learned
that law enforcement has the right, under subpoena, to conduct investigations
using keys. He wants you to implement measures to make such an event run
smoothly should it ever happen. What is the process of storing keys for use by law
enforcement called?
A. Key escrow
B. Key archival
C. Key renewal
D. Certificate rollover
17. The CRL takes time to be fully disseminated. Which protocol allows a certificate's
authenticity to be immediately verified?
A. CA
B. CP
C. CRC
D. OCSP
18. Which set of specifications is designed to allow XML-based programs access to PKI
services?
A. XKMS
B. XMLS
C. PKXMS
D. PKIXMLS
19. Which of the following is similar to Blowfish but works on 128-bit blocks?
A. Twofish
B. IDEA
C. CCITT
D. AES
20. Your IT manager has stated that you need to select an appropriate tool for email
encryption. Which of the following would be the best choice?
A. MD5
B. IPSEC
C. TLS
D. PGP
