What is the role of a trusted party in public key infrastructure?

To verify identities and issue certificates.

To create encryption algorithms.

What happens if a CA's private key is compromised?

Attackers can sign certificates with arbitrary data.

No one can use certificates anymore.

What is a Domain Validated Certificate (DV)?

A certificate that verifies domain ownership.

A certificate that requires extensive documentation.

A certificate that is only for organizations.

A certificate that is self-signed.

What is the main purpose of the Common Name field in a certificate?

To match the hostname of the server.

To provide the CA's information.

To store the user's email address.

To indicate the certificate's expiration date.

What is the significance of the CA's public key?

It is used to verify the CA's digital signatures.

It is used to create private keys.

What is an Extended Validated Certificate (EV)?

A certificate that requires extensive verification of the organization.

A certificate that is only for personal use.

A basic certificate for domain validation.

What is the purpose of the openssl command in the context of certificates?

To generate and manage keys and certificates.

What is a common mistake in software regarding certificate validation?

Not comparing the common name with the hostname.

Always trusting self-signed certificates.

Using weak encryption algorithms.

What is the fundamental problem that PKI solves?

Difficulty in verifying the authenticity of public keys

Key exchange in symmetric encryption

How does a digital certificate defeat a Man-in-the-Middle (MITM) attack?

By verifying the ownership of the public key

By encrypting the communication

By using symmetric encryption algorithms

What is the purpose of a CA’s digital signature on a certificate?

To make the certificate immutable and verifiable

To encrypt the certificate data

To create a public-private key pair

What is the primary function of the req command in OpenSSL?

To create certificate signing requests (CSRs)

A CA that issues self-signed certificates and is trusted implicitly

A CA that only issues intermediate certificates

A CA that performs domain validation

A CA that does not require private keys

What does a digital certificate contain?

The public key, the certificate owner's identity, and the CA’s signature

The private key and the public key

Only the certificate owner’s identity

Which type of certificate involves extensive identity verification?

Extended Validated (EV) Certificate

Domain Validated (DV) Certificate

Organizational Validated (OV) Certificate

What is the main difference between a DV and an OV certificate?

OV certificates verify organizational identity in addition to domain ownership

DV certificates are more expensive than OV certificates

OV certificates require the use of a root CA

DV certificates use a longer key length

How do browsers verify a certificate during the TLS handshake?

By checking the certificate against a pre-installed list of trusted root CAs

By using the server’s private key

By asking the user to confirm the certificate

By encrypting the certificate with a symmetric key

What is the role of an intermediate CA?

To issue certificates on behalf of the root CA

To act as a backup for the root CA

To verify browser compatibility

Why are root CAs trusted by default?

Their certificates are pre-installed in operating systems and browsers

They are only used for symmetric encryption

A text-based format for keys and certificates

A binary format for public keys

A compressed file format for certificates

What is the primary responsibility of a web server using HTTPS?

Providing all required certificates for the chain of trust

Performing symmetric encryption

How does DNS manipulation contribute to MITM attacks?

By redirecting traffic to an attacker-controlled server

By generating fraudulent certificates

By compromising the CA’s private key

By disabling encryption algorithms

What is the purpose of the Common Name (CN) in a certificate?

To match the certificate to the intended hostname

To define the encryption algorithm

To store the certificate's private key

What happens if the browser detects a mismatch in the CN field?

The browser rejects the connection

The connection is encrypted but not authenticated

The certificate is silently ignored

The browser uses a backup certificate

What security flaw arises from a compromised CA private key?

Attackers can issue rogue certificates

Attackers can decrypt all communications

Attackers can modify trusted root certificates

Attackers can change certificate validity dates

What is a typical attack surface on PKI?

Collision-resistant properties of hash algorithms

User confirmation of the certificate’s common name

CA’s verification and signing process

What does the chain of trust in PKI refer to?

The hierarchical structure of root and intermediate CAs

The sequence of hash algorithms used for encryption

The path from plaintext to ciphertext

The network of servers using certificates

Why are EV certificates considered more secure?

They require more extensive identity verification

They are not susceptible to MITM attacks

What is one common limitation of self-signed certificates?

They are not verifiable by browsers unless manually trusted

They cannot be used for encryption

They do not use hash algorithms

They require a CA to issue them

What is the main weakness of using SHA-1 in digital certificates?

It has been shown to be vulnerable to collision attacks

It is too slow for modern systems

It cannot be used for certificate signing

What does DCV stand for in the context of domain validation?

Digital Certificate Verification

Domain Certificate Verification

What does the $ openssl verify command do?

Verifies the authenticity and validity of a certificate chain

Generates a new X.509 certificate

Encrypts certificate signing requests

Which of the following is a countermeasure to weak hash algorithms?

Using collision-resistant algorithms like SHA-256

Disabling certificate revocation checks

Removing intermediate certificates

W10 Public Key Infrastructure and Data Security

Authored by Elena Vu

Computers

University

Used 2+ times

W10 Public Key Infrastructure and Data Security

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

45 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the fundamental problem in public key cryptography?

Bob cannot tell if the public key belongs to Alice.

Alice cannot send her public key.

The certificate cannot be verified.

The private key is lost.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is a Digital Certificate?

A document certifying that a public key belongs to a specific identity.

A type of encryption algorithm.

A method to generate private keys.

A software application for managing keys.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does a Certificate Authority (CA) do?

Verifies identities and binds them to public keys.

Manages user passwords.

Creates fake certificates.

Generates private keys for users.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the purpose of a digital signature?

To generate a public key.

To create a certificate.

To encrypt the message.

To verify the authenticity of a message.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the X.509 standard used for?

Managing user accounts.

Creating encryption algorithms.

Defining the format of public key certificates.

Establishing network protocols.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is a Man-in-the-Middle (MITM) attack?

An attack where the attacker intercepts communication between two parties.

An attack that generates fake certificates.

An attack that encrypts data.

An attack that targets only public keys.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How can MITM attacks be defeated using digital signatures?

By ignoring the public key.

By sending unencrypted messages.

By verifying the certificate with a trusted party.

By using only private keys.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

Midterm Exam for AST 122

Quiz

•

University

45 questions

Long Quiz - HCI

Quiz

•

University

40 questions

PAK

Quiz

•

University

40 questions

ข้อสอบปลายภาควิชาการออกแบบสิ่งพิมพ์

Quiz

•

10th Grade - University

40 questions

OP 4 SPECIAL EXAM MIDTERM

Quiz

•

University

40 questions

Unit 12, 13_ Haifaa_2020

Quiz

•

University

40 questions

Desktop Publishing Quiz 2

Quiz

•

University

40 questions

BASIS DATA 1

Quiz

•

University

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

18 questions

Valentines Day Trivia

Quiz

•

3rd Grade - University

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

23 questions

Subject Verb Agreement

Quiz

•

9th Grade - University

5 questions

What is Presidents' Day?

Interactive video

•

10th Grade - University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

20 questions

Mardi Gras History

Quiz

•

6th Grade - University

10 questions

The Roaring 20's Crash Course US History

Interactive video

•

11th Grade - University

17 questions

Review9_TEACHER

Quiz

•

University