Page 826 - StudyBook.pdf
P. 826
810 Appendix • Self Test Appendix
4. What statement best describes the transitive trust in a simple CA model?
A. Users trust certificate holders, because the users and the certificate holders each trust the
CA.
B. Users trust certificate holders, because the users trust the CA, and the CA trusts the cer-
tificate holders.
C. Certificate holders trust users, because the certificate holders trust the CA and the CA
trusts its users.
D. Users trust certificate holders, because the certificate holders have been introduced to the
users by the CA.
Answer B. Users trust the CA, the CA trusts the certificate owners, and therefore the users trust
the certificate owners.
Answer A is wrong, because there is no trust from the certificate holders up to the CA.Answer
C is wrong for the same reason, and also because there is no trust from the CA to its users.
Answer B is wrong, because it does not involve the PKI model in any way.
5. In a children’s tree-house club, new members are admitted to the club on the basis of whether
they know any existing members of the club.What form of PKI would be most analogous to
this?
A. A hierarchical CA model
B. A chain of trust
C. A simple CA model
D. A Web of trust
Answer D.A web of trust is a model in which new members are added to the trust model by
creating a trust relationship between themselves and any existing member of the web.
Any CA model (answers A and C) would require a CA, a trusted authority who would
uniquely identify who is allowed in the club.A chain of trust (answer B) would assume that
each newly admitted member knew only the most recent addition to the club.
6. In a hierarchical CA model, which servers will use self-signed certificates to identify them-
selves?
A. Root CAs
B. Intermediate CAs
C. Leaf CAs
D. Subordinate CAs
E. All CAs
Answer A.Any CA other than the root must chain up to the root; only the trust anchor is able
to vouch for itself with no other authority to support its claim.
www.syngress.com
