Protocoale
Secure Your Knowledge: Cybersecurity Quiz
Test your understanding of cybersecurity protocols and concepts with this comprehensive quiz designed for enthusiasts and professionals alike. Dive into 36 challenging questions that cover various aspects of PGP, S/MIME, SSL, and more!
Key Features:
- 36 thought-provoking questions
- Immediate feedback on answers
- Test your skills against peers
What are the main advantages of the web of trust model used by PGP to establish trust in a public key:
Transitivity of trust relationships
High scalability
Doesn’t need a third trustful entity
Avoids the necessity of key revocation if the key was compromised
Which of the following protocols can be used for the centralized management of users’ credentials?
RADIUS
ICMP
ARP
TACACS+
LDAP
S/MIME provides protection against:
Unauthorized message alteration
E-mail addresses substitution
Virus multiplication
Denial-of-service attacks
The “data tunneling” expression, specific to VPNs it refers to:
Method used by system administrators for detecting possible network intrusions
A mechanism which allow data to pass through firewall systems
Optional feature which activated, increases the network performances
Packet encapsulation in other packages belonging to a different protocol in order to create a virtual circuit
Which are the main advantages of virtual private networks (VPN) in comparison with frame relay based networks, leased lines or dial-up?
Lower installation and operation costs
Increasing security level
Higher availability for network services
Higher transfer rates
In which of the following authentication protocols mentioned below, the password is transmitted in clear through the network?
Password Authentication Procedure (PAP)
Kerberos
Challenge-Handshake Authentication Protocol (CHAP)
Windows NT LAN Manager (NTLM)
Which of the following affirmations about the Kerberos protocol are true?
It represents the main authentication mechanism in Windows 2000/2003/2008 domains
Has been developed by RSA Security corporation
It uses one time generated passwords
Is time dependent
Which of the following organizations deals with the standardization of electronic signature at European level?
ETSI ESI
ISO/IEC
PC/SC
CEN/ISSS
What needs to be used for encrypting and signing the electronic messages using S/MIME?
S/MIME compatible e-mail servers
S/MIME compatible e-mail clients
SSLization of e-mail servers and clients
Digital certificates for users
Which of the following sentences about the standard PKCS #7 are true?
It uses the ASN.1 language for describing the data structures
It specifies the syntax for cryptographic messages
It became outdated, being replaced by the PKCS #8 standard
Have been developed by the Internet Engineering Task Force (IETF)
The Record Protocol within SSL provides:
Transaction’s non-repudiation
Message confidentiality
Message integrity
Authentication of entities
The Encapsulating Security Payload (ESP) protocol within IPSec provides:
Data origin authentication
Data integrity
Data confidentiality
Data non-repudiation transfer
Kerberos is efficient against the following:
Dictionary attacks
Repetition attacks
Denial-of service attacks
Social engineering
How is the session key generated within the Diffie Helman protocol?
The session key is generated by exchanging random values between transmitter and recipient and the use of an algorithm whose security is based on the impossibility of calculating discrete logarithms
The session key is randomly generated by the transmitter and sent encrypted to the recipient
The session key is generated by a third trustful party
The session key is generated simultaneously by transmitter and recipient using a time based algorithm
Who developed the X.509 standard, describing the digital certificates syntax?
International Telecommunication Union (ITU)
Internet Engineering Task Force (IETF)
International Standards Organization (ISO)
RSA Laboratories
Which is the SSL protocol used for entities authentication and the negotiation of algorithms and cryptographic keys:
Change Cipher SpecProtocol
Internet Key Exchange
Record Protocol
Handshake Protocol
Which of the following technologies uses two factors for the authentication of its users?
ISAKMP/Oakley
NTLM
LDAP
RSA SecurID
Which of the following affirmations about the SSL protocol are true?
It uses digital certificates for parties authentication
Is a third level protocol
It requires changing the TCP/IP stack
It can only be used for securing the web traffic
Who can recover a private key within an enterprise CA implemented by Microsoft Certificate Services 2003?
Key Recovery Agent
CA Administrator
Backup Operator
Certificate Manager
Certificate Repository serves to:
Logging the events related to the certificates management
CRL distribution
Interface used by the end-users for submitting the issuing certificates requests
The distribution of digital certificates
What is the extension that defines the categories of applications that can use a digital certificate?
Key Usage
Subject Public Key Info
Extended Key Usage
Policy Constraints
What is the role of an HSM - Hardware Security Module?
Accelerates the cryptographic operations
Ensures the cryptographic keys protection
Allows keeping secret the used cryptographic algorithms
Ensures protection for the computer which tuns the installed CA software
The term "key escrow" refers to:
Protocol which negotiates a session key between two entities
Prime number test used in the RSA key generation process
Check if a user holds the private key associated to the public key from a digital certificate
Arrangement by which the cryptographic keys are stored on a trusted third party and used when necessary
How are the users' private keys stored in a database of an enterprise CA implemented by Microsoft Certificate Services 2003?
Without being encrypted, the protection being ensured by the access grants and credentials at the database level
Encrypted by the Key Recovery Agent’s public key
Encrypted with the Backup Operator’s private key
Encrypted with the CA’s private key
The advantages of using a Bridge CA in order to ensure the PKI interoperability are:
It is a standardized method and therefore supported by most PKI applications
Reducing the number of bilateral cross-certification
All users will use a single point of trust - Bridge CA
Simplifying the process of certification policy equivalency
What should be done to ensure the protection of the cryptographic keys?
Keeping the secret of the encryption algorithms used
The choice of key lengths as large as possible
To use validated cryptographic algorithms and modules
The users’ awareness of the importance of correct cryptographic key management
When do you need to revoke a digital certificate?
If the cryptographic algorithms and key lengths are no longer suitable for the necessary protection
If the private key associated to the public key certificate is compromised
If the user leaves the organization
When the user's digital certificate came into possession of a third party
The main features of the OCSP protocol are:
It is used by the clients in order to access the Certificate Repository
Relieves the clients by the CRL’s specific complex processing
Allows the clients to revoke the certificates in case of the compromise of the private key
It is a simple request / response protocol
RA – Registration Authority is designed to:
Check the issuing certificate requests and the identity of the final entities
Archive the private keys used to decrypt data by the end-users
Record the users private keys used to sign data
Verify that users are using the key pairs in a correct manner
What are the minimum recommended key lengths to use for the moment, in order to ensure data protection for 10 years?
128 bits for symmetric algorithms and 2048 bits for public key algorithms
256 bits for symmetric algorithms and 4096 bits for public key algorithms
192 bits for symmetric algorithms and 3072 bits for public key algorithms
64 bits for symmetric algorithms and 1024 bits for public key algorithms
CA – Certification Authority are designed to:
Establish the relationships with other CAs for cross-certification
Issue and revoke digital certificates
Archive the private keys used by the end-users for signing data
Publish the digital certificates in the Repository
Which of the following statements about the Microsoft Certificate Services 2003 version Enterprise - are true?
Allows the implementation of the "m from n" schemes in order to restore the private keys
In addition to Active Directory, it can be integrated with any directory server
Use IIS Web Server as user interface
Allows the definition of new templates for certificates
How is possible to determine the level of trust in a digital certificate issued by a Certification Authority:
Based on Subject Key Identifier extension
By reading Trust Level attribute from the Repository
The analysis of CP and CPS
Using the OCSP protocol
Which of the following statements are true about the hierarchical PKI architectures?
There is a single point of trust - Root Certification Authority
The compromise of the private key does not affect the other authority
The certification paths are unidirectional and easy to determine
The certification paths are dependent by the user who does the validation
{"name":"Protocoale", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your understanding of cybersecurity protocols and concepts with this comprehensive quiz designed for enthusiasts and professionals alike. Dive into 36 challenging questions that cover various aspects of PGP, S\/MIME, SSL, and more!Key Features:36 thought-provoking questionsImmediate feedback on answersTest your skills against peers","img":"https:/images/course5.png"}