Question 1

8)The ____ package is composed of mostly abstract classes and interfaces that encapsulate security concepts to provide a configurable, fine-grained access-control security architecture.&#10;A) java.security.provider&#10;B) java.jca&#10;C) java.security.jca&#10;D) java.security

Accepted Answer

The java.security package encapsulates classes and interfaces related to security concepts and provides a configurable, fine-grained access-control security architecture. The other options (java.security.provider and java.jca) are specific to security providers and cryptographic algorithms, respectively, and do not encapsulate the broader security concepts provided by the java.security package. The java.security.jca package is not a valid package in Java.

Question 2

10)____ implements Java technology version of secure sockets layer (SSL) and transport layer security (TLS) protocols.&#10;A) JSSE&#10;B) java.pkcs&#10;C) java.security.spec&#10;D) java.security.cert

Accepted Answer

JSSE (Java Secure Socket Extension) is the implementation of SSL and TLS protocols in Java technology. Option B, C, and D are not relevant to SSL and TLS implementation.

Question 3

18)A ____ is the instruction that describes the set of operations to be performed on the given input in order to produce the cryptographic output.&#10;A) mode&#10;B) transformation&#10;C) provider&#10;D) control

Accepted Answer

A transformation is the set of operations performed on the input to produce the cryptographic output. Modes refer to the way data is processed and encrypted, providers refer to the software or hardware used to perform cryptographic operations, and control refers to the management of access and authorization to cryptographic functions.

Question 4

3)Before JDK 1.4, certification path validation was done implicitly in signature and signed JAR file verification.

Accepted Answer

Before JDK 1.4, certification path validation was done implicitly in signature and signed JAR file verification.

Question 5

17)____ is a block cipher mode in which every plaintext block encrypted with a block cipher is first exclusive-ORed with the previous ciphertext block.&#10;A) CBC&#10;B) ECB&#10;C) OFB&#10;D) CFB

Accepted Answer

CBC (Cipher Block Chaining) mode operates by XORing each plaintext block with the previous ciphertext block before encryption.

Question 6

20)The basic security in ____ comes from the fact it is relatively easy to multiply two huge prime numbers together to obtain their product, but it is computationally difficult to go the reverse direction.

A) ElGamal
B) DES
C) IDEA
D) RSA

Accepted Answer

The statement describes the fundamental principle of RSA encryption, where large prime numbers are used for key generation and their product for encryption. The difficulty in factoring the product back to its primes provides the security in the scheme. ElGamal, DES, and IDEA use different encryption methods and are not relevant to the given principle.

Question 7

16)____ is a block cipher mode in which each possible block of plaintext has a defined corresponding ciphertext value.&#10;A) CBC&#10;B) CFB&#10;C) OFB&#10;D) ECB

Accepted Answer

ECB (Electronic Codebook) mode uses a fixed encryption key to encrypt each block of the plaintext separately. The same plaintext block will result in the same ciphertext block. While this may seem secure, it makes the cipher vulnerable to attacks such as frequency analysis and pattern recognition. Thus, ECB mode is not considered a secure block cipher mode and should be avoided.

Question 8

6)Java cryptography architecture ( JCA) is first introduced in ____.&#10;A) JDK 1.0&#10;B) JDK 1.1&#10;C) JDK 1.4&#10;D) JDK 5.0

Accepted Answer

The Java Cryptography Architecture (JCA) was first introduced in JDK 1.1, providing a framework and implementations for encryption, key generation and management, and secure random number generation, among other cryptographic functionalities.

Question 9

4)Message digests such as MD2 and MD5 can ensure integrity and confidentiality of a message.

Accepted Answer

Message digests such as MD2 and MD5 can only ensure integrity, but not confidentiality. For confidentiality, encryption algorithms such as AES, DES, and RSA are used.

Question 10

5)PK enables secure communication between strangers.

Accepted Answer

PK (public key) cryptography enables secure communication between strangers by using a public key for encryption and a private key for decryption, which ensures that only the intended recipient can read the message.

Question 11

2)JCA provides by default a concrete implementation of the java.security package.

Accepted Answer

The answer of 2)JCA provides by default a concrete implementation...

Question 12

15)____ allow a user to control how encryption will work in a given cipher.&#10;A) Padding&#10;B) Modes&#10;C) Message digests&#10;D) MACs

Accepted Answer

The answer of 15)____ allow a user to control how...

Question 13

12)A ____ is used to ensure the integrity of the message when the message is sent from one location to another.&#10;A) certificate path&#10;B) digital signature&#10;C) digital certificate&#10;D) message digest

Accepted Answer

The answer of 12)A ____ is used to ensure the...

Question 14

19)____ cryptography enables exchange of secure messages between parties without prior arrangement to exchange keys.&#10;A) Public key&#10;B) Secret key&#10;C) Symmetric&#10;D) Private key

Accepted Answer

The answer of 19)____ cryptography enables exchange of secure messages...

Question 15

7)A(n) ____ refers to a set of packages that supply a concrete implementation of a subset of the cryptography functions used by the Security API.&#10;A) provider&#10;B) extensible access control&#10;C) cryptographic service control&#10;D) consumer

Accepted Answer

The answer of 7)A(n) ____ refers to a set of...

Question 16

1)JCA includes a provider architecture that allows multiple and interoperable cryptography implementations.

Accepted Answer

The answer of 1)JCA includes a provider architecture that allows...

Question 17

14)If randomness is needed to enhance security in generating a message digest, a key can be used as part of the message digest generation. This key using algorithm is known as a(n) ____.&#10;A) HCRC&#10;B) MD&#10;C) MAC&#10;D) CRC

Accepted Answer

The answer of 14)If randomness is needed to enhance security...

Question 18

11)____ API is a set of functions for building and validating a certification path.&#10;A) java.security.cert&#10;B) JSSE&#10;C) CertPath&#10;D) java.security

Accepted Answer

The answer of 11)____ API is a set of functions...

Question 19

9)____ is a data-encoding scheme that enables binary-encoded data to be converted to printable ASCII characters.&#10;A) PKCS #8&#10;B) PKCS #11&#10;C) Base64&#10;D) DER

Accepted Answer

The answer of 9)____ is a data-encoding scheme that enables...

Question 20

13)The ____ class provides the functionality of a message digest algorithm.&#10;A) SHA-1&#10;B) MessageDigest&#10;C) java.CRC&#10;D) java.security.MD5

Accepted Answer

The answer of 13)The ____ class provides the functionality of...

Question 21

31)____________________ is the fixed-length result of a one-way hash of the contents in the message, similar to a cryptographic checksum or cyclic redundancy check (CRC).

Accepted Answer

The answer of 31)____________________ is the fixed-length result of a...

Question 22

35)Briefly describe the java.security.cert class.

Accepted Answer

The answer of 35)Briefly describe the java.security.cert class....

Question 23

25)____ is a protocol for establishing a secure communication channel between a client and a server.&#10;A) HTTP&#10;B) SHA&#10;C) RSA&#10;D) SSL

Accepted Answer

The answer of 25)____ is a protocol for establishing a...

Question 24

29)A(n) ____________________ is a transparent representation of the key material that makes up a key.

Accepted Answer

The answer of 29)A(n) ____________________ is a transparent representation of...

Question 25

23)The ____ command line tool is a built-in application for keys and certificates management in Java.&#10;A) keytool&#10;B) certtool&#10;C) keystore&#10;D) keygen

Accepted Answer

The answer of 23)The ____ command line tool is a...

Question 26

34)Briefly describe the java.security.acl class.

Accepted Answer

The answer of 34)Briefly describe the java.security.acl class....

Question 27

24)A ____, also called certificate chain, is an ordered list of certificates that is used to securely establish the mapping between a public key and a subject.&#10;A) self-signed path&#10;B) certificate verification&#10;C) certification path&#10;D) CA's path

Accepted Answer

The answer of 24)A ____, also called certificate chain, is...

Question 28

33)Briefly describe the Java security API.

Accepted Answer

The answer of 33)Briefly describe the Java security API....

Question 29

36)Briefly describe the java.security.interfaces.

Accepted Answer

The answer of 36)Briefly describe the java.security.interfaces....

Question 30

39)How is the confidentiality of a message kept using secret key cryptography?

Accepted Answer

The answer of 39)How is the confidentiality of a message...

Question 31

22)Technically, a ____ is a data structure used in a public key system to bind a particular, authenticated individual to a particular public key.&#10;A) digital certificate&#10;B) digital signature&#10;C) message digest&#10;D) MAC

Accepted Answer

The answer of 22)Technically, a ____ is a data structure...

Question 32

37)Compare the Base64 and DER encoding formats.

Accepted Answer

The answer of 37)Compare the Base64 and DER encoding formats....

Question 33

28)____________________ is the core package that provides the classes and interfaces for the security framework.

Accepted Answer

The answer of 28)____________________ is the core package that provides...

Question 34

40)What are the symmetric encryption modes supported by J2SE 5?

Accepted Answer

The answer of 40)What are the symmetric encryption modes supported...

Question 35

26)____ provides a framework and a Java implementation for the SSL and TLS protocols.&#10;A) java.security.spec&#10;B) JSSE&#10;C) Java Cipher class&#10;D) java.security.cert

Accepted Answer

The answer of 26)____ provides a framework and a Java...

Question 36

21)____ provide(s) a bit pattern (the signature) that proves that a message came from a given party.&#10;A) Message digests&#10;B) Digital certificates&#10;C) Digital signatures&#10;D) RSA

Accepted Answer

The answer of 21)____ provide(s) a bit pattern (the signature)...

Question 37

27)____________________ is a framework for accessing and developing cryptographic functionality for the Java platform.

Accepted Answer

The answer of 27)____________________ is a framework for accessing and...

Question 38

30)____________________ are an encoding method for a data object such as an X.509 certificate.

Accepted Answer

The answer of 30)____________________ are an encoding method for a...

Question 39

38)What are the message digest algorithms supported by the Java MessageDigest class?

Accepted Answer

The answer of 38)What are the message digest algorithms supported...

Question 40

41)What are the padding methods supported by J2SE 5?

Accepted Answer

The answer of 41)What are the padding methods supported by...

Question 41

Match between columns&#10;                        Premises: a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;a set of rules for encoding ASN.1 objects into a sequence of octets&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;provides interfaces and classes for key specifications and algorithm parameter specifications&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;a language for abstractly describing messages to be exchanged over a variety of networks&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides verification of the original content of the message&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides the functionality of a cryptographic cipher for encryption and decryption&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;also called symmetric key encryption, since the sender and recipient use the same key for encryption/decryption&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;additional data added to plaintext in order to make it divisible by the cipher's block size&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages&#10;considered the core API set of the Java programming that is built around the java.security package and its subpackages

Accepted Answer

The Answer of DER and Cipher class and ASN and is...

Question 42

42)How does public key cryptography work?

Accepted Answer

The answer of 42)How does public key cryptography work?...

Deck 6: Java Api-Level Security Features