ITN 266 EXAM QUESTIONS WITH 100% CORRECT ANSWERS
Why is a secure keying phase necessary? - Answer- The keying phase is used for sending keys or secrets securely. Some communication methods are susceptible to key stealing so this occurs after authentication.
What two things should you always do...
Why is a secure keying phase necessary? - Answer- The keying phase is used for
sending keys or secrets securely. Some communication methods are susceptible to key
stealing so this occurs after authentication.
What two things should you always do when sending secured messages - Answer-
Encrypt and sign
What is Hashing? - Answer- Hashing is irreversible
SHA - Secure Hashing Algorithm
MD5 hashing procedure produces 128-bit
SHA-1 160 bits, the rest is the name SHA 256.
What is MS-CHAP - Answer- Microsoft Challenge Handshake Protocol (MS-CHAP)
Session key - Answer- Only used for a single communication session, when two
partners exchange 1 or more symmetric keys for confidentiality.
Asymmetric/Public Key Encryption - Answer- Another family of ciphers for encryption for
confidentiality where everyone has a private and public key
RSA and ECC - Answer- Two widely used public key encryption ciphers, 1024 bit length
for RSA and 512 bit key length for the more efficient ECC (elliptic curve cryptography)
Book says RSA is most popular.
What is the purpose of the Diffie-Hellman Key agreement - Answer- Diffie-Hellman
encryption using public key encryption. (PKE)
Electronic signature - Answer- For message-by-message authentication and message
integrity.
Review figure 3-16 on page 152 - Answer- To create a digital signature:
1. Hash the plaintext to create a digest
2. Sign the digest with sender's private key
3. Transmit encrypted plaintext*DigSig
Test the digital signature:
4. Hash the received plaintext to recreate digest
, 5. Decrypt DigSig with sender's public key
6. If the digest and recreated digest match the message is authenticated.
Digital Signature - Answer- authenticates a single message with public key encryption
True party - Answer- The person the supplicant claims to be (usually proven by the CA)
Message digest - Answer- First step in creating a digital signature: hashing the plaintext
message, and the resulting hash is the message digest
Digital Certificate - Answer- Two most critical fields in the digital certificate are the name
of the true party and the true party's public key.
Provides the public key that authentication methods use to authenticate the applicant,
and consume extensive processing power.
Certificate authority - Answer- An independent and trusted source of information about
the public keys and true parties,
CA's will publish a certificate revocation list (CRL) which can be used to revoke a digital
certificate.
What three things must the receiver of a digital certificate check to ensure that a digital
certificate is valid? - Answer- Check certificates for valid period and for revocation.
Certification path (chain) Make sure the Date is valid. Check the CA's certificate
revocation list (CRL).
What are the two ways to check a certificate's revocation status? - Answer- CA's
certificate revocation list (CRL) Online Certificate Status Protocol (OSCP)
What is cryptography? - Answer- The use of mathematical operations to protect
messages traveling between parties or stored on a computer.
What is a cipher? - Answer- A specific mathematical process used in encryption and
decryption
What is a key? - Answer- a random string of 40 to 4000 bits (ones and zeros).
What is a cryptanalyst? - Answer- Someone who cracks encryption
What is a substitution cipher? - Answer- One character is substituted for another.
What is a transposition cipher? - Answer- letters are moved around within a message,
they are not substituted.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.