Questions And Solutions
These were put in place by RSA to ensure uniform certificate management throughout the internet - answers -PKCS (Public Key Cryptography Standards)
A certificate is a digital representation of information that identifies you as a relevant entity by a? - answers -Trusted Third Party (TTP)
This is an entity trusted by one or more users to manage certificates - answers -CA (Certificate Authority)
Used to take the burden off of a CA by handling verification prior to certificates being issued. They act as a proxy between user and CA. They receive requests, authenticate them and forward them to the CA - answers -RA (Registration Authority)
Is a set of rules that defines how a certificate may be used - answers -CP (Certificate Policy)
An international standard for the format and information contained in a certificate. The most common type of digital certificate in the world. Relied on by S/MIME. Contains your name, info about you and signature of the person who issued the certificate - answers -X.509
List of certificates issued by a CA that are no longer valid - answers -CRL (Certificate Revocation List)
CRL Distribution Method: CA automatically sends the CRL out at regular intervals - answers -PUSH Model
CRL Distribution Method: The CRL is downloaded from the CA by those who want to verify a certificate. This is the end user's responsibility - answers -Pull Method
Is a Base64-encoded DER certificate, enclosed between "------ BEGIN CERTIFICATE ------" and "------ END CERTIFICATE ------" - answers -.pem
Usually in binary DER form, but Base64-encoded certificates are common too - answers -.cer, .crt, .der
PKCS#7 Signed Data structure without data, just certificate(s) or CRL(s) - answers -.p7b, .p7c
PKCS#12, may contain certificate(s), public and private (password protected) keys - answers -.p12
Predecessor of PKCS#12, usually contains data in PKCS#12 format with files generated in IIS - answers -.pfx
A newer protocol for verifying certificates in real-time - answers -Online Certificate Status Protocol (OCSP)
Determining the path between X.509 digital certificates and a trusted root - answers -Delegated Path Discovery
The validation of the path to the trusted root according to a particular validation policy - answers -Delegated Path Validation
Setup and initialization, Administration, Cancelation are the phases of? - answers -Key life-cycle