What cryptographic transport algorithm is considered to be significantly more secure than ssl?

Electronic Code Book

Question # 01What term best represents the resiliency of a cryptographic key to attacks?a. key bitsb. key resiliency c. key strength

d. key space

Question # 02Select the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:a. Registration Authorityb. Delegation Authorityc. Certification Authority

d. Participation Authority

c. Certification Authority

Question # 03What kind of digital certificate is typically used to ensure the authenticity of a web server to a client?a. privateb. web serverc. public web

d. web client

Question # 04What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?a. bridge trustb. distributed trustc. third-party trust

d. transitive trust

Question # 05A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?a. Certificate practice statement (CPS)b. Certificate policy (CP)c. Lifecycle policy (LP)

d. Access policy (AP)

a. Certificate practice statement (CPS)

Question # 06At what stage can a certificate no longer be used for any type of authentication?a. creationb. suspensionc. revocation

d. expiration

Question # 07What cryptographic transport algorithm is considered to be significantly more secure than SSL?a. AESb. HTTPSc. ESSL

d. TLS

Question # 08What protocol below supports two encryption modes: transport and tunnel?a. HTTPSb. IPSecc. SSL

d. TLS

Question # 09The Authentication Header (AH) protocol is a part of what encryption protocol suite below?a. TLS 3.0b. IPSecc. GPG

d. SSL

Question # 10Why is IPSec considered to be a transparent security protocol?a. IPSec packets can be viewed by anyoneb. IPSec is designed to not require modifications of programs, or additional training, or additional client setup.c. IPSec’s design and packet header contents are open sourced technologies

d. IPSec uses the Transparent Encryption (TE) algorithm

b. IPSec is designed to not require modifications of programs, or additional training, or additional client setup.

Question # 11What length SSL and TLS keys are generally considered to be strong?a. 128b. 1024c. 2048

d. 4096

Question # 12What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately?a. Electronic Code Bookb. Galois/Counterc. Cipher Block Chaining

d. Counter

Question # 13What is a value that can be used to ensure that plaintext, when hashed, will not consistently result in the same digest?a. saltb. initialization vectorc. counter

d. nonce

Question # 14Which of the following is an input value that must be unique within some specified scope, such as for a given period or an entire session?a. saltb. initialization vectorc. counter

d. nonce

Question # 15What common method is used to ensure the security and integrity of a root CA?a. Keep it in an offline state from the network. b. Only use the root CA infrequently.c. Password protect the root CA

d. Keep it in an online state and encrypt it.

a. Keep it in an offline state from the network.

Question # 16Which of the following is a valid way to check the status of a certificate?(Choose all that apply.)a. Online Certificate Status Protocolb. Certificate Revocation Authorityc. Certificate Revocation List

d. Revocation List Protocol

a. Online Certificate Status Protocolc. Certificate Revocation List

Question # 17A digital certificate is a technology used to associate a user's identity to a private key.a. True

b. False

Question # 18A certificate repository (CR) is a publicly accessible centralized directory of digital certificates.a. True

b. False

Question # 19Digital certificates should last forever.a. True

b. False

Question # 20A Subject Alternative Name (SAN) digital certificate, is also known as a Unified Communications Certificate (UCC).a. True

b. False

Question # 21What is used to create session keys?a. master secretb. crypto modulesc. validation

d. domain validation