Add to collection(s) Add to saved
  1. Social Science
  2. Political Science
  3. American Politics

Chapter 7 Reading Questions

advertisement 
Chapter 7 Reading Questions
Student Name: ____________________________________
Read pages 272-284 in order to answer the following questions
Q.1. As mentioned in the introduction of Digital Certificates (p. 273-274), in Public key-based
authentication the verifier (usually a server) uses the applicants’ (i.e. the clients’ or true parties’)
Public keys to decrypt Digital Signatures (DS) (see Figure 7-13 for illustration). But verifiers
cannot rely on the applicants to provide them with their Public key because some applicants’
could be imposters. If verifiers rely on applicants to get applicants’ Public keys and use them to
authenticate the messages they receive from the applicants there might be disastrous
consequences and financial lost. Read the message-by-message authentication process illustrated
in Figure 7-13 and tell which of the following could be a reason why imposters could easily
mislead verifiers if the verifiers rely on applicants.
a) Given the fact that the applicants’ digital signatures (DS) are created by encrypting the
Hash of the Plaintext using the senders’ Public key, the verifiers would decrypt the digital
signatures (DS) they receive from imposters using the imposters’ Public key and get
message digests (MD) that could lead to (false) positive authentications of the imposters’
messages.
b) Given the fact that the applicants’ digital signatures (DS) are created by encrypting the
Hash of the Plaintext using the senders’ Private key, the verifiers would decrypt the
digital signatures (DS) they receive from imposters using the imposters’ Public key and
get message digests (MD) that could lead to (false) positive authentications of the
imposters’ messages.
c) None of the above
Q.2. Why are certificate authorities used? (Choose all that apply)
a) because using certificate authorities allow servers configured to authenticate transactional
messages (like trade secrets, financial transactions, etc.) to make sure that the messages
they receive come from the right sources.
b) because using certificate authorities is a good way to avoid Public Key Deception
c) because certificate authorities are regulated in most countries
d) None of the above
Q.3. If a verifier could request and get a digital certificate from a well-known certificate
authority (CA), this means ….
a) that the applicant (or the firm) named in the certificate is honest
b) that the applicant (or the firm) named in the certificate is a customer of the certificate
authority
c) None of the above
Q.4. Which of the following is the standard for digital certificates?
a) RSA
b) DCS
c) X.509
MIS 4850 Systems Security
106729803
Page 1 of 5
Exhibit
Q.5. Based on the definition of the fields of a X.509 digital certificate as explained in the book,
what is the entity to which the certificate (shown in the above exhibit) is issued?
a) Thawte Consulting of Western Cape in South Africa
b) Freesoft of Maryland in the U.S.
c) None of the above
Q.6. To prevent deception, digital certificates are signed by the _____.
a) applicant
b) verifier
c) certificate authority
d) Both a. and b.
Q.7. Digital certificates are created to tell you…
a) A true party’s public key.
b) That the individual or company owning the certificate is trustworthy
c) Both of the above.
d) Neither a. nor b.
Q.8. What are the TWO most critical fields in a X.509 digital certificate?
a) the version number
b) the issuer
c) the subject
d) the public key
MIS 4850 Systems Security
106729803
Page 2 of 5
Q.9. What other field is needed to use the information in the two most critical fields of a X.509
digital certificate?
a) the signature algorithm identifier
b) the Public key algorithm
c) The serial number
Q.10. What TWO fields of a X.509 digital certificate allow the receiver of a certificate to
determine if the certificate has been altered?
a) the Signature algorithm identifier
b) the version number
c) the Digital Signature
Q.11. Why is it important to check CRLs?
a) because CRLs are used to authenticate applicants
b) because the CA may cancel the digital certificate before its expiration date.
c) None of the above
Q.12. Which of the following is not a function of a Public Key Infrastructure?
a) Create public key-private key pairs.
b) Distribute private keys securely.
c) Distribute public keys through digital certificates.
d) None of the above
Q.13. Distinguish between long-term versus session symmetric keys.
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
Q.14. When Public Key Encryption is used to exchange symmetric keys between Party A and
Party B, what key from the pair of Public-Private key is used by the sender to encrypt the
symmetric key that needs to be sent to the other party?
a) The session key.
b) The sender’s Public key.
c) None of the above.
MIS 4850 Systems Security
106729803
Page 3 of 5
Chapter 8 Reading Questions
Read pages 290-318 in order to answer the following questions
Q.1.
_____ works at the application layer?
a. SSL/TLS
b. Kerberos
c. PPTP
d. IPsec
e. All of the above.
Q.2.
Which of the following provides security at the transport layer?
a. IPsec
b. PPTP
c. SSL/TLS
d. Kerberos
Q.3.
In consumer e-commerce, SSL/TLS normally authenticates _____.
a) the consumer
b) the merchant
c) Both of the above.
d) Neither a. nor b.
Q.4.
SSL/TLS provides _____.
a. confidentiality
b. key exchange
c. Both of the above.
d. Neither a. nor b.
Q.5. When SSL/TLS security is used in e-commerce, the number of transactions a server can
process per second ……..
a. reduces
b. increases
c. remain the same
Q.6. _____ provides protection transparently to higher-layer protocols with most network
applications.
a. SSL/TLS
b. IPsec
c. Both of the above.
d. Neither a. nor b.
Q.7.
When users dial into corporate networks, they reach a device called a ______.
a. RAS
b. RADIUS server
Q.8.
Authentication is mandatory in PPP.
MIS 4850 Systems Security
106729803
T
Page 4 of 5
F
Q.9. Which type of PPP authentication sends passwords/secrets in the clear, without
encryption for confidentiality?
a. PAP
b. MS-CHAP
c. Both of the above.
d. Neither a. nor b.
Q.10. Which of the following PPP authentication protocol is more secure?
a. PAP
b. CHAP
c. MS-CHAP
Q.11. Which of the following modes offers end-to-end security between hosts in IPsec?
a. tunnel mode
b. transport mode
c. Both of the above.
d. Neither a. nor b.
Q.12. Which of the following usually requires the addition of software to the source and
destination hosts?
a) IPsec tunnel mode
b) IPsec transport mode
c) Both of the above.
d) Neither a. nor b.
Q.13. In IPsec, a mandatory default algorithm for bulk encryption (i.e. confidentiality) is….
a. Simple DES
b. DES-CBC
c. Both of the above.
d. Neither a. nor b.
Q.14. In IPsec, the mandatory default algorithm for key exchange is _____.
a. RSA
b. Diffie-Hellman
c. DES-CBC
d. Digital Signatures
Q.15. Which of the following provides message-by-message authentication?
a) Digital signatures
b) HMACs
c) Both of the above.
Q.16. HMACs use ____.
a. symmetric key encryption
b. public key encryption
c. hashing
d. a. and c.
e. a., b., and c.
MIS 4850 Systems Security
106729803
Page 5 of 5
Related documents
SCHOOL BOARD RECOGNITION
SCHOOL BOARD RECOGNITION
Child Protection study day 12th June 2007
Child Protection study day 12th June 2007
Application for Land Value Tax Rate Applicable to Land Used for
Application for Land Value Tax Rate Applicable to Land Used for
PAFCPIC "We Care Abuloy"
PAFCPIC "We Care Abuloy"
request for recognition of a language certificate as
request for recognition of a language certificate as
Application for Land Value Tax Rate Applicable to Land Used for
Application for Land Value Tax Rate Applicable to Land Used for
Download
advertisement