T F 1. For symmetric encryption to work the two parties to an exchange must share the same key, and that key must be protected from access by others.
T F 2. It is not necessary for a certification authority to maintain a list of certificates issued by that CA that were not expired but were revoked.
T F 3. A session key is destroyed at the end of a session.
T F 4. Kerberos relies exclusively on asymmetric encryption and makes use of public key encryption.
T F 5. The automated key distribution approach provides the flexibility and dynamic characteristics needed to allow a number of users to access a number of servers and for the servers to exchange data with each other.
T F 6. If an opponent captures an unexpired service-granting ticket and tries to use it, they will be denied access to the corresponding service.
T F 7. The ticket-granting ticket is encrypted with a secret key known only to the authentication server and the ticket-granting server.
T F 8. If the lifetime stamped on a ticket is very short (e.g., minutes) an opponent has a greater opportunity for replay.
T F 9. Kerberos version 4 did not fully address the need to be of general purpose.
T F 10. One of the major roles of public-key encryption is to address the problem of key distribution.
T F 11. It is not required for two parties to share a secret key in order to communicate securely with conventional encryption.
T F 12. X.509 is based on the use of public-key cryptography and digital signatures.
T F 13. User certificates generated by a CA need special efforts made by the directory to protect them from being forged.
T F 14. The principal underlying standard for federated identity is the Security Assertion Markup Language (SAML) which defines the exchange of security information between online business partners.
T F 15. Federated identity management is a concept dealing with the use of a common identity management scheme across multiple enterprises and numerous applications and supporting many thousands, even millions, of users.