Protocoale

An abstract representation of cybersecurity, including elements like padlocks, digital keys, and network diagrams, with a futuristic blue and green color scheme.

Secure Your Knowledge: Cybersecurity Quiz

Test your understanding of cybersecurity protocols and concepts with this comprehensive quiz designed for enthusiasts and professionals alike. Dive into 36 challenging questions that cover various aspects of PGP, S/MIME, SSL, and more!

Key Features:

36 thought-provoking questions
Immediate feedback on answers
Test your skills against peers

36 Questions9 MinutesCreated by AnalyzingCipher42

What are the main advantages of the web of trust model used by PGP to establish trust in a public key:

Transitivity of trust relationships

High scalability

Doesn’t need a third trustful entity

Avoids the necessity of key revocation if the key was compromised

S/MIME provides protection against:

Unauthorized message alteration

E-mail addresses substitution

Virus multiplication

Denial-of-service attacks

The “data tunneling” expression, specific to VPNs it refers to:

Method used by system administrators for detecting possible network intrusions

A mechanism which allow data to pass through firewall systems

Optional feature which activated, increases the network performances

Packet encapsulation in other packages belonging to a different protocol in order to create a virtual circuit

Which are the main advantages of virtual private networks (VPN) in comparison with frame relay based networks, leased lines or dial-up?

Lower installation and operation costs

Increasing security level

Higher availability for network services

Higher transfer rates

In which of the following authentication protocols mentioned below, the password is transmitted in clear through the network?

Password Authentication Procedure (PAP)

Kerberos

Challenge-Handshake Authentication Protocol (CHAP)

Windows NT LAN Manager (NTLM)

Which of the following affirmations about the Kerberos protocol are true?

It represents the main authentication mechanism in Windows 2000/2003/2008 domains

Has been developed by RSA Security corporation

It uses one time generated passwords

Is time dependent

Which of the following organizations deals with the standardization of electronic signature at European level?

ETSI ESI

ISO/IEC

PC/SC

CEN/ISSS

What needs to be used for encrypting and signing the electronic messages using S/MIME?

S/MIME compatible e-mail servers

S/MIME compatible e-mail clients

SSLization of e-mail servers and clients

Digital certificates for users

Which of the following sentences about the standard PKCS #7 are true?

It uses the ASN.1 language for describing the data structures

It specifies the syntax for cryptographic messages

It became outdated, being replaced by the PKCS #8 standard

Have been developed by the Internet Engineering Task Force (IETF)

The Record Protocol within SSL provides:

Transaction’s non-repudiation

Message confidentiality

Message integrity

Authentication of entities

The Encapsulating Security Payload (ESP) protocol within IPSec provides:

Data origin authentication

Data integrity

Data confidentiality

Data non-repudiation transfer

Kerberos is efficient against the following:

Dictionary attacks

Repetition attacks

Denial-of service attacks

Social engineering

How is the session key generated within the Diffie Helman protocol?

The session key is generated by exchanging random values between transmitter and recipient and the use of an algorithm whose security is based on the impossibility of calculating discrete logarithms

The session key is randomly generated by the transmitter and sent encrypted to the recipient

The session key is generated by a third trustful party

The session key is generated simultaneously by transmitter and recipient using a time based algorithm

Who developed the X.509 standard, describing the digital certificates syntax?

International Telecommunication Union (ITU)

Internet Engineering Task Force (IETF)

International Standards Organization (ISO)

RSA Laboratories

Which is the SSL protocol used for entities authentication and the negotiation of algorithms and cryptographic keys:

Change Cipher SpecProtocol

Internet Key Exchange

Record Protocol

Handshake Protocol

Which of the following technologies uses two factors for the authentication of its users?

ISAKMP/Oakley

NTLM

LDAP

RSA SecurID

Which of the following affirmations about the SSL protocol are true?

It uses digital certificates for parties authentication

Is a third level protocol

It requires changing the TCP/IP stack

It can only be used for securing the web traffic

Who can recover a private key within an enterprise CA implemented by Microsoft Certificate Services 2003?

Key Recovery Agent

CA Administrator

Backup Operator

Certificate Manager

Certificate Repository serves to:

Logging the events related to the certificates management

CRL distribution

Interface used by the end-users for submitting the issuing certificates requests

The distribution of digital certificates

What is the extension that defines the categories of applications that can use a digital certificate?

Key Usage

Subject Public Key Info

Extended Key Usage

Policy Constraints

What is the role of an HSM - Hardware Security Module?

Accelerates the cryptographic operations

Ensures the cryptographic keys protection

Allows keeping secret the used cryptographic algorithms

Ensures protection for the computer which tuns the installed CA software

The term "key escrow" refers to:

Protocol which negotiates a session key between two entities

Prime number test used in the RSA key generation process

Check if a user holds the private key associated to the public key from a digital certificate

Arrangement by which the cryptographic keys are stored on a trusted third party and used when necessary

How are the users' private keys stored in a database of an enterprise CA implemented by Microsoft Certificate Services 2003?

Without being encrypted, the protection being ensured by the access grants and credentials at the database level

Encrypted by the Key Recovery Agent’s public key

Encrypted with the Backup Operator’s private key

Encrypted with the CA’s private key

The advantages of using a Bridge CA in order to ensure the PKI interoperability are:

It is a standardized method and therefore supported by most PKI applications

Reducing the number of bilateral cross-certification

All users will use a single point of trust - Bridge CA

Simplifying the process of certification policy equivalency

What should be done to ensure the protection of the cryptographic keys?

Keeping the secret of the encryption algorithms used

The choice of key lengths as large as possible

To use validated cryptographic algorithms and modules

The users’ awareness of the importance of correct cryptographic key management

When do you need to revoke a digital certificate?

If the cryptographic algorithms and key lengths are no longer suitable for the necessary protection

If the private key associated to the public key certificate is compromised

If the user leaves the organization

When the user's digital certificate came into possession of a third party

The main features of the OCSP protocol are:

It is used by the clients in order to access the Certificate Repository

Relieves the clients by the CRL’s specific complex processing

Allows the clients to revoke the certificates in case of the compromise of the private key

It is a simple request / response protocol

RA – Registration Authority is designed to:

Check the issuing certificate requests and the identity of the final entities

Archive the private keys used to decrypt data by the end-users

Record the users private keys used to sign data

Verify that users are using the key pairs in a correct manner

What are the minimum recommended key lengths to use for the moment, in order to ensure data protection for 10 years?

128 bits for symmetric algorithms and 2048 bits for public key algorithms

256 bits for symmetric algorithms and 4096 bits for public key algorithms

192 bits for symmetric algorithms and 3072 bits for public key algorithms

64 bits for symmetric algorithms and 1024 bits for public key algorithms

CA – Certification Authority are designed to:

Establish the relationships with other CAs for cross-certification

Issue and revoke digital certificates

Archive the private keys used by the end-users for signing data

Publish the digital certificates in the Repository

Which of the following statements about the Microsoft Certificate Services 2003 version Enterprise - are true?

Allows the implementation of the "m from n" schemes in order to restore the private keys

In addition to Active Directory, it can be integrated with any directory server

Use IIS Web Server as user interface

Allows the definition of new templates for certificates

How is possible to determine the level of trust in a digital certificate issued by a Certification Authority:

Based on Subject Key Identifier extension

By reading Trust Level attribute from the Repository

The analysis of CP and CPS

Using the OCSP protocol

Which of the following statements are true about the hierarchical PKI architectures?

There is a single point of trust - Root Certification Authority

The compromise of the private key does not affect the other authority

The certification paths are unidirectional and easy to determine

The certification paths are dependent by the user who does the validation

Unlock and Upgrade

Remove all limits from your Quizzes

Protocoale

Secure Your Knowledge: Cybersecurity Quiz

More Quizzes