you trust the CA that issued it, and you can only trust that CA if you trust the CA above it on the chain
A certificate is also ___.
a way to distribute the holder's public key
A ___ called a certificate authority issues certificates and the associated public/private key pairs.
The CA is responsible for setting up the ___.
What is a key escrow agent?
a third party that maintains a backup of private keys
Digital signatures are covered by which PKCSs?
Certificate requests are covered by which PKCSs?
Why do you need to install the CA certification chain?
to add the root CA as a trusted root
With digital certificates, you have to balance ___ versus ___.
length of private keys versus how long before requiring renewal
SSL is a stateful security protocol that combines ___ with ___.
certificates for authentication with RSA public key encryption
A vulnerability scan is ___.
If a user dies, go to the key escrow and fetch his data, before you do what?
(before you revoke his certificate)
What is a CRL?
certificate revocation list
What is an alternative to key backup?
In a key escrow scheme, what is it called when only a certain number of agents are required to recover a key?
M of N control
What is due care?
a policy that describes how individuals should use and maintain company-issued hardware and software
What is “due process”?
it refers to the idea that laws and enforcement must be fair, respectful, and consistent, not necessarily based on law
How do you test motion detectors?
If someone baits you by leaving a CD in a restroom, it is probably a ___.
policy violation test
What is a BCP?
business continuity plan
What is a DRP?
disaster recovery plan
What are SLAs?
service level agreements
A backup is considered most secure, when it is stored ___ and ___.
offline and offsite
What is the difference between a differential backup and an incremental backup?
the IB clears the archive bits
What is the difference between a DRP and BCP?
the BCP focuses on keeping the most critical components of a business running after a disaster
Is WPA a security implementation?
What is OMA?
open mobile alliance
What does CTI do?
computer telephony integration allows phone, email, fax and web to work together
What is tunneling?
a data transport technique that lets a data packet from one protocol be transferred across a network inside the frame or packet of another protocol, so data from one network type can travel through another network type
NPS is an implementation of ___.
___ is an implementation of RADIUS.
What is NPS?
network policy server, on Windows Server 2008
What is the ISAKMP port number?
What is the L2TP port number?
What is the PPTP port number?
What is CHAP?
challenge handshake authentication protocol
Buffer overflow attacks can target everything except ___.
Which kind of ActiveX controls are often considered to be more trustworthy?
Java has its own protected area of memory called the ___.
What does the Java bytecode verifier do?
Performs a formatting test to determine if the applet originated from a trustworthy source