crypto2

42問 • 8ヶ月前

ユーザ名非公開

通報

問題一覧

Which of the following is NOT part of the initialization stage in key/certificate management?

Certificate retrieval

What action occurs during the 'Issued' stage of certificate management?

Certificate validation

What defines the timeframe during which a certificate is valid and trusted?

Start and end date

Which of the following is a reason a certificate may be revoked before its expiration?

Issuing CA was compromised

According to RFC 5280, what are the two main revocation states for a certificate?

Revoked and hold

What does the 'Hold' state indicate in certificate revocation?

The certificate may be revalidated after investigation

What is the typical maximum validity period for a Certificate Revocation List (CRL)?

24 hours

How is a CRL validated?

By verifying its signature using the CA’s public key

Which of the following is an online alternative to using a CRL for certificate status validation?

OCSP

Which of the following is NOT a common tunneling protocol?

FTP

What was a major flaw of SSL v2 that made connections insecure?

Use of export-grade cipher suites

What size key was typically used in export-grade cipher suites under SSL v2?

40-bit

Which of the following is NOT a known SSL/TLS vulnerability?

TUNNEL

In SSL/TLS, which methods are used to create a secure tunnel and signature?

Symmetric encryption and hashing

What is the primary purpose of a VPN tunnel?

Connect a host to a trusted network over a public network

Which two mechanisms are used in IPSec?

ESP and AH

What are the two main phases in setting up an IPSec connection?

Key exchange and tunnel policy definition

What port does the IPSec handshake use for key exchange?

UDP 500

What IP protocol numbers correspond to ESP and AH respectively?

50 and 51

What best describes IPsec transport mode?

End-to-end encryption across the network

What is the main difference with IPsec tunnel mode?

Tunnel traffic is visible at both ends

What does onion routing use to route internet traffic?

Volunteer computers

How does the Tor network improve anonymity online?

It uses global volunteer nodes with multiple hopsIt

What is the purpose of a key escrow in cryptography?

To keep a copy of the encryption key for government access

What does NOBUS stand for in the context of backdoors?

Nobody But Us

What is a chosen-ciphertext attack?

Sending data to be encrypted and then analyzing it

What is the goal of a cut-and-paste attack?

Combining parts of messages to create a new malicious message

What does a time resetting attack exploit?

Time used in key generation

What is a time attack in cryptography?

Calculating time taken to decrypt a message

Which is NOT a weakness of AES itself, but rather due to poor implementation?

Vulnerability to FREAKBrute force attacks

What is a major known weakness of RSA?

Susceptible to numerous known attacks

What is a key escrow system used for in cryptography?

Storing a copy of encryption keys for government use

What is a key escrow system used for in cryptography?

Storing a copy of encryption keys for government use

What does the term NOBUS backdoor stand for?

Nobody But Us

Which attack involves trying every possible key to decrypt a message?

Exhaustive search

What is required for a known plaintext attack to work?

Both ciphertext and part of the corresponding plaintext

Which attack involves impersonating two parties by placing the attacker in between them?

Man-in-the-middle

In a chosen-ciphertext attack, what does the attacker do?

Send a message to be encrypted, then analyze the ciphertext

Which attack involves modifying or inserting messages into a communication stream?

Active attack

How does a time attack work?

By measuring how long it takes to decrypt a message

Which of the following is NOT a weakness of AES itself, but rather due to poor implementation?

Lack of key rotation

Which encryption method is known to be susceptible to several known attacks and weaknesses?

RSA

cryptogrophy

cryptogrophy

crypto pretest

crypto pretest

project management

ユーザ名非公開 · 331問 · 8ヶ月前

project management

331問 • 8ヶ月前

ユーザ名非公開

問題一覧

Which of the following is NOT part of the initialization stage in key/certificate management?

Certificate retrieval

What action occurs during the 'Issued' stage of certificate management?

Certificate validation

What defines the timeframe during which a certificate is valid and trusted?

Start and end date

Which of the following is a reason a certificate may be revoked before its expiration?

Issuing CA was compromised

According to RFC 5280, what are the two main revocation states for a certificate?

Revoked and hold

What does the 'Hold' state indicate in certificate revocation?

The certificate may be revalidated after investigation

What is the typical maximum validity period for a Certificate Revocation List (CRL)?

24 hours

How is a CRL validated?

By verifying its signature using the CA’s public key

Which of the following is an online alternative to using a CRL for certificate status validation?

OCSP

Which of the following is NOT a common tunneling protocol?

FTP

What was a major flaw of SSL v2 that made connections insecure?

Use of export-grade cipher suites

What size key was typically used in export-grade cipher suites under SSL v2?

40-bit

Which of the following is NOT a known SSL/TLS vulnerability?

TUNNEL

In SSL/TLS, which methods are used to create a secure tunnel and signature?

Symmetric encryption and hashing

What is the primary purpose of a VPN tunnel?

Connect a host to a trusted network over a public network

Which two mechanisms are used in IPSec?

ESP and AH

What are the two main phases in setting up an IPSec connection?

Key exchange and tunnel policy definition

What port does the IPSec handshake use for key exchange?

UDP 500

What IP protocol numbers correspond to ESP and AH respectively?

50 and 51

What best describes IPsec transport mode?

End-to-end encryption across the network

What is the main difference with IPsec tunnel mode?

Tunnel traffic is visible at both ends

What does onion routing use to route internet traffic?

Volunteer computers

How does the Tor network improve anonymity online?

It uses global volunteer nodes with multiple hopsIt

What is the purpose of a key escrow in cryptography?

To keep a copy of the encryption key for government access

What does NOBUS stand for in the context of backdoors?

Nobody But Us

What is a chosen-ciphertext attack?

Sending data to be encrypted and then analyzing it

What is the goal of a cut-and-paste attack?

Combining parts of messages to create a new malicious message

What does a time resetting attack exploit?

Time used in key generation

What is a time attack in cryptography?

Calculating time taken to decrypt a message

Which is NOT a weakness of AES itself, but rather due to poor implementation?

Vulnerability to FREAKBrute force attacks

What is a major known weakness of RSA?

Susceptible to numerous known attacks

What is a key escrow system used for in cryptography?

Storing a copy of encryption keys for government use

What is a key escrow system used for in cryptography?

Storing a copy of encryption keys for government use

What does the term NOBUS backdoor stand for?

Nobody But Us

Which attack involves trying every possible key to decrypt a message?

Exhaustive search

What is required for a known plaintext attack to work?

Both ciphertext and part of the corresponding plaintext

Which attack involves impersonating two parties by placing the attacker in between them?

Man-in-the-middle

In a chosen-ciphertext attack, what does the attacker do?

Send a message to be encrypted, then analyze the ciphertext

Which attack involves modifying or inserting messages into a communication stream?

Active attack

How does a time attack work?

By measuring how long it takes to decrypt a message

Which of the following is NOT a weakness of AES itself, but rather due to poor implementation?

Lack of key rotation

Which encryption method is known to be susceptible to several known attacks and weaknesses?

RSA