Maker LogoSuper Survey Maker
Survey MakerSurvey TemplatesContactPrivacy & Security

CKM

Who can recover a private key within an enterprise CA implemented by Microsoft Certificate Services 2003?
Key Recovery Agent
CA Administrator
Backup Operator
Certificate Manager
Certificate Repository serves to:
Logging the events related to the certificates management
CRL distribution
Interface used by the end-users for submitting the issuing certificates requests
The distribution of digital certificates
What is the extension that defines the categories of applications that can use a digital certificate?
Key Usage
Subject Public Key Info
Extended Key Usage
Policy Constraints
What is the role of an HSM - Hardware Security Module?
Accelerates the cryptographic operations
Ensures the cryptographic keys protection
Allows keeping secret the used cryptographic algorithms
Ensures protection for the computer which tuns the installed CA software
The term "key escrow" refers to:
Protocol which negotiates a session key between two entities
Prime number test used in the RSA key generation process
Check if a user holds the private key associated to the public key from a digital certificate
Arrangement by which the cryptographic keys are stored on a trusted third party and used when necessary
How are the users' private keys stored in a database of an enterprise CA implemented by Microsoft Certificate Services 2003?
Without being encrypted, the protection being ensured by the access grants and credentials at the database level
Encrypted by the Key Recovery Agent's public key
Encrypted with the Backup Operator's private key
Encrypted with the CA's private key
The advantages of using a Bridge CA in order to ensure the PKI interoperability are:
It is a standardized method and therefore supported by most PKI applications
Reducing the number of bilateral cross-certification
All users will use a single point of trust - Bridge CA
Simplifying the process of certification policy equivalency
What should be done to ensure the protection of the cryptographic keys?
Keeping the secret of the encryption algorithms used
The choice of key lengths as large as possible
To use validated cryptographic algorithms and modules
The users' awareness of the importance of correct cryptographic key management
When do you need to revoke a digital certificate?
If the cryptographic algorithms and key lengths are no longer suitable for the necessary protection
If the private key associated to the public key certificate is compromised
If the user leaves the organization
When the user's digital certificate came into possession of a third party
The main features of the OCSP protocol are:
It is used by the clients in order to access the Certificate Repository
Relieves the clients by the CRL's specific complex processing
Allows the clients to revoke the certificates in case of the compromise of the private key
It is a simple request / response protocol
RA Registration Authority is designed to:
Check the issuing certificate requests and the identity of the final entities
Archive the private keys used to decrypt data by the end-users
Record the users private keys used to sign data
Verify that users are using the key pairs in a correct manner
What are the minimum recommended key lengths to use for the moment, in order to ensure data protection for 10 years?
128 bits for symmetric algorithms and 2048 bits for public key algorithms
256 bits for symmetric algorithms and 4096 bits for public key algorithms
192 bits for symmetric algorithms and 3072 bits for public key algorithms
64 bits for symmetric algorithms and 1024 bits for public key algorithms
CA Certification Authority are designed to:
Establish the relationships with other CAs for cross-certification
Issue and revoke digital certificates
Archive the private keys used by the end-users for signing data
Publish the digital certificates in the Repository
Which of the following statements about the Microsoft Certificate Services 2003 version Enterprise - are true?
Allows the implementation of the "m from n" schemes in order to restore the private keys
In addition to Active Directory, it can be integrated with any directory server
Use IIS Web Server as user interface
Allows the definition of new templates for certificates
How is possible to determine the level of trust in a digital certificate issued by a Certification Authority:
Based on Subject Key Identifier extension
By reading Trust Level attribute from the Repository
The analysis of CP and CPS
Using the OCSP protocol
Which of the following statements are true about the hierarchical PKI architectures?
There is a single point of trust - Root Certification Authority
The compromise of the private key does not affect the other authority
The certification paths are unidirectional and easy to determine
The certification paths are dependent by the user who does the validation
{"name":"CKM", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Who can recover a private key within an enterprise CA implemented by Microsoft Certificate Services 2003?, Certificate Repository serves to:, What is the extension that defines the categories of applications that can use a digital certificate?","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}

More Quizzes

Science Experiment
520
BRITISH HISTORY
10510
Ms. Office
100
How well do you know me?
1367
Discover Your Roman Emperor Persona - Free Roman Emperors
201026708
Fill in the Blanks Questions - Test Sentence Skills
201039743
Discover Your Ideal Career: Free Career Cruising Test
201070444
What Sweet Treat Do I Want? Free Personality
201027229
Free Key Signatures
201021200
10 Commandments: Can You Master the 7th & 10th?
201049840
Ultimate Synonyms Antonyms: Test Your Vocabulary
201068210
TF-CBT: Address Inaccurate Cognitions Like a Pro
201023100
Make your own Survey
- it's free to start.
Super Survey Logo
Powered by
Super Survey Maker | Super Templates Make your own Survey