ITN 266 EXAM QUESTIONS WITH 100% CORRECT ANSWERS
Why is a secure keying phase necessary? - Answer- The keying phase is used for sending keys or secrets securely. Some communication methods are susceptible to key stealing so this occurs after authentication.
What two things should you always do...
Why is a secure keying phase necessary? - Answer- The keying phase is used for
sending keys or secrets securely. Some communication methods are susceptible to key
stealing so this occurs after authentication.
What two things should you always do when sending secured messages - Answer-
Encrypt and sign
What is Hashing? - Answer- Hashing is irreversible
SHA - Secure Hashing Algorithm
MD5 hashing procedure produces 128-bit
SHA-1 160 bits, the rest is the name SHA 256.
What is MS-CHAP - Answer- Microsoft Challenge Handshake Protocol (MS-CHAP)
Session key - Answer- Only used for a single communication session, when two
partners exchange 1 or more symmetric keys for confidentiality.
Asymmetric/Public Key Encryption - Answer- Another family of ciphers for encryption for
confidentiality where everyone has a private and public key
RSA and ECC - Answer- Two widely used public key encryption ciphers, 1024 bit length
for RSA and 512 bit key length for the more efficient ECC (elliptic curve cryptography)
Book says RSA is most popular.
What is the purpose of the Diffie-Hellman Key agreement - Answer- Diffie-Hellman
encryption using public key encryption. (PKE)
Electronic signature - Answer- For message-by-message authentication and message
integrity.
Review figure 3-16 on page 152 - Answer- To create a digital signature:
1. Hash the plaintext to create a digest
2. Sign the digest with sender's private key
3. Transmit encrypted plaintext*DigSig
Test the digital signature:
4. Hash the received plaintext to recreate digest
, 5. Decrypt DigSig with sender's public key
6. If the digest and recreated digest match the message is authenticated.
Digital Signature - Answer- authenticates a single message with public key encryption
True party - Answer- The person the supplicant claims to be (usually proven by the CA)
Message digest - Answer- First step in creating a digital signature: hashing the plaintext
message, and the resulting hash is the message digest
Digital Certificate - Answer- Two most critical fields in the digital certificate are the name
of the true party and the true party's public key.
Provides the public key that authentication methods use to authenticate the applicant,
and consume extensive processing power.
Certificate authority - Answer- An independent and trusted source of information about
the public keys and true parties,
CA's will publish a certificate revocation list (CRL) which can be used to revoke a digital
certificate.
What three things must the receiver of a digital certificate check to ensure that a digital
certificate is valid? - Answer- Check certificates for valid period and for revocation.
Certification path (chain) Make sure the Date is valid. Check the CA's certificate
revocation list (CRL).
What are the two ways to check a certificate's revocation status? - Answer- CA's
certificate revocation list (CRL) Online Certificate Status Protocol (OSCP)
What is cryptography? - Answer- The use of mathematical operations to protect
messages traveling between parties or stored on a computer.
What is a cipher? - Answer- A specific mathematical process used in encryption and
decryption
What is a key? - Answer- a random string of 40 to 4000 bits (ones and zeros).
What is a cryptanalyst? - Answer- Someone who cracks encryption
What is a substitution cipher? - Answer- One character is substituted for another.
What is a transposition cipher? - Answer- letters are moved around within a message,
they are not substituted.
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
√ Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, Bancontact of creditcard voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Scholarsstudyguide. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €12,20. Je zit daarna nergens aan vast.
