
Table of Contents

Chapter 1
Basics of Cryptography, p. 2
Answer Key, p. 130
Explanations, p. 151

Chapter 2
Communication Security, p. 18
Answer Key, p. 133
Explanations, p. 177

Chapter 3
General Security Concepts, p. 42
Answer Key, p. 137
Explanations, p. 216

Chapter 4
Infrastructure Security, p. 89
Answer Key, p. 143
Explanations, p. 286

Chapter 5
Operational/Organizational Security, p. 113
Answer Key, p. 147
Explanations, p. 322

Security+ Printables
Copyright 2005 by PrepLogic, Inc.
Product ID: 2503
Production Date: April 15, 2005
Total Questions: 400

All rights reserved. No part of this document shall be stored in a retrieval system
or transmitted by any means, electronic, mechanical, photocopying, recording, or
otherwise, without written permission from the publisher. No patent liability is
assumed with respect to the use of the information contained herein.

Warning and Disclaimer


Every effort has been made to make this document as complete and as accurate as
possible, but no warranty or fitness is implied. The publisher and authors assume
no responsibility for errors or omissions. The information provided is on an "as
is" basis. The authors and the publisher shall have neither liability nor
responsibility to any person or entity with respect to any loss or damages arising
from the information contained in this document.

Basics of Cryptography 2

Chapter 1
Basics of Cryptography
1. Which of the following is the difference between confidentiality and integrity?

A. confidentiality keeps a message private, integrity provides the
insurance it has not been altered
B. confidentiality provides the insurance a message has not been
altered, integrity keeps a message private
C. confidentiality proves that a message has not been forged, integrity
keeps a message private
D. confidentiality provides non-repudiation, integrity keeps a message
private
Find the Answer p. 130

2. Which of the following is the stronger of the two variations of message
authentication?

A. Non-repudiation
B. Authentication
C. Integrity
D. Confidentiality
Find the Answer p. 130

3. Which of the following is NOT part of PKI?

A. Symmetric keys
B. Software
C. Certificate Authority
D. Key pairs
Find the Answer p. 130

4. The set of rules issued by a CA is known as which of the following?

A. Certificate Policy
B. Bridge CA
C. CRL
D. PKIX
Find the Answer p. 130

5. A CPS differs from a Certificate Policy by . . .

A. being a much more detailed statement
B. being a much less detailed statement
C. the two are not related
D. a CPS is only used outside North America
Find the Answer p. 130

6. Typically ____________ key management involves the use of a Certificate
Authority

A. centralized
B. decentralized
C. horizontal
D. vertical
Find the Answer p. 130

7. In reference to encryption, "recovery" is the process of reacquiring a ________ key
that has been lost

A. private
B. public
C. personal
D. protected
Find the Answer p. 130

Answers: Chapter 1
1. A Review Question p. 2 Detailed Explanation p. 151

2. A Review Question p. 2 Detailed Explanation p. 151

3. A Review Question p. 2 Detailed Explanation p. 152

4. A Review Question p. 3 Detailed Explanation p. 152

5. A Review Question p. 3 Detailed Explanation p. 153

6. A Review Question p. 3 Detailed Explanation p. 153

7. A Review Question p. 3 Detailed Explanation p. 154

8. A Review Question p. 4 Detailed Explanation p. 154

9. A Review Question p. 4 Detailed Explanation p. 155

10. A Review Question p. 4 Detailed Explanation p. 155

11. A Review Question p. 5 Detailed Explanation p. 156

12. A Review Question p. 5 Detailed Explanation p. 156

13. A Review Question p. 5 Detailed Explanation p. 156

14. A Review Question p. 6 Detailed Explanation p. 157

15. A Review Question p. 6 Detailed Explanation p. 157

16. A Review Question p. 6 Detailed Explanation p. 158

17. A Review Question p. 6 Detailed Explanation p. 158

18. A Review Question p. 7 Detailed Explanation p. 159

19. A Review Question p. 7 Detailed Explanation p. 159

20. A Review Question p. 7 Detailed Explanation p. 160

21. A Review Question p. 7 Detailed Explanation p. 160

22. A Review Question p. 8 Detailed Explanation p. 161

23. A Review Question p. 8 Detailed Explanation p. 161



Explanations: Chapter 1
1. Review Question p. 2
Answers: A
Explanation A. Confidentiality involves sending messages to authorized parties
without unauthorized parties being able to understand them. Integrity shows that a message
has not been altered since the encrypted version of the message was created.
Explanation B. Confidentiality involves sending messages to authorized parties without
unauthorized parties being able to understand them. Integrity shows that a message has not
been altered since the encrypted version of the message was created.
Explanation C. Confidentiality involves sending messages to authorized parties
without unauthorized parties being able to understand them. Integrity shows that a message
has not been altered since the encrypted version of the message was created.
Explanation D. Confidentiality involves sending messages to authorized parties
without unauthorized parties being able to understand them. Integrity shows that a message
has not been altered since the encrypted version of the message was created.
More Information:
The difference between confidentiality and integrity?

PrepLogic Question: 2503-101

2. Review Question p. 2
Answers: A
Explanation A. Non-repudiation is a stronger variation of authentication in that it
allows the sender's identity to be verified by a 3rd party.
Explanation B. Authentication is the process of verifying the specific person who sent
a message.
Explanation C. Integrity is the process that shows a message has not been altered since
the encrypted version of the message was created.
Explanation D. Confidentiality involves sending messages to authorized parties without
unauthorized parties being able to understand them.

PrepLogic Question: 2503-102



3. Review Question p. 2
Answers: A
Explanation A. The only incorrect element listed is symmetric keys. This is because
PKI uses asymmetric (public/private) key pairs for encryption.
Explanation B. PKI (Public Key Infrastructure) is a combination of software,
encryption technologies and services that enable enterprises to protect the security of
communication and business transactions along with proprietary data. The goals of PKI
are: authenticate identity, verify integrity, ensure privacy, authorize access, authorize
transactions, and support non-repudiation.
Explanation C. PKI (Public Key Infrastructure) is a combination of software,
encryption technologies and services that enable enterprises to protect the security of
communication and business transactions along with proprietary data. The goals of PKI
are: authenticate identity, verify integrity, ensure privacy, authorize access, authorize
transactions, and support non-repudiation.
Explanation D. PKI (Public Key Infrastructure) is a combination of software,
encryption technologies and services that enable enterprises to protect the security of
communication and business transactions along with proprietary data. The goals of PKI
are: authenticate identity, verify integrity, ensure privacy, authorize access, authorize
transactions, and support non-repudiation.

PrepLogic Question: 2503-103

4. Review Question p. 3
Answers: A
Explanation A. A Certificate Policy is a set of rules issued by a Certificate Authority
(CA) indicating the applicability of a certificate to a class of application(s) with common
security requirements.
Explanation B. A Bridge CA (Certificate Authority) is a trust model that is built with
cross-certificate pairs.
Explanation C. A CRL (Certificate Revocation List) is a list of the certificates that are
not valid, either due to suspension, revocation, etc.
Explanation D. PKIX is the IETF (Internet Engineering Task Force) committee for the
Public Key Infrastructure, as defined under X.509.

PrepLogic Question: 2503-104



5. Review Question p. 3
Answers: A
Explanation A. A CPS (Certificate Practice Statement) is a much more detailed
statement of the procedures and practices used by a certificate authority in managing
certificates than is a Certificate Policy.
Explanation B. A CPS (Certificate Practice Statement) is a much more detailed
statement of the procedures and practices used by a certificate authority in managing
certificates than is a Certificate Policy.

Given this, the statement that a CPS is a much less detailed statement than a Certificate
Policy is 180 degrees from the truth, and therefore an incorrect answer.
Explanation C. Although a CPS is more detailed than a Certificate Policy, the two are
in fact related.

The CPS includes specific information such as how to establish a digital certificate, how
to request a certificate revocation, length of time a certificate is valid, etc. Since all
Certificate Authorities have a CPS, the statement that a CPS is used only outside of
North America is not a correct one.
Explanation D. Since all Certificate Authorities have a CPS, the statement that a CPS is
used only outside of North America is not a correct one.

PrepLogic Question: 2503-105

6. Review Question p. 3
Answers: A
Explanation A. This question becomes an either/or choice. Either you have
decentralized management, such as with Pretty Good Privacy (PGP), or you have
centralized management, which comes from a Certificate Authority.
Explanation B. This question becomes an either/or choice. Either you have
decentralized management, such as with Pretty Good Privacy (PGP), or you have
centralized management, which comes from a Certificate Authority.
Explanation C. Horizontal or vertical as terms in a PKI (Public Key Infrastructure) are
simple distracters and incorrect choices.
Explanation D. Horizontal or vertical as terms in a PKI (Public Key Infrastructure) are
simple distracters and incorrect choices.
