CHAPTER 19: ELECTRONIC MAIL SECURITY
TRUE OR FALSE
T F 1. “Pretty Good Privacy” is an alternative email security protocol.
T F 2. An Administrative Management Domain is a directory lookup
service that provides a mapping between the name of a host on the
Internet and its numerical address.
T F 3. Email is the most common distributed application that is widely
used across all architectures and vendor platforms.
T F 4. A Message Transfer Agent is like a packet switch or IP router in
that its job is to make routing assessments and to move the
message closer to recipients.
T F 5. A Message Store cannot be located on the same machine as a MUA.
T F 6. RFC 5322 defines a format for text messages that are sent using
electronic mail.
T F 7. SMTP can transmit executable files and other binary objects.
T F 8. The bulk of the MIME specification is concerned with the
definition of a variety of content types.
T F 9. Native form is a format, appropriate to the content type, that is
standardized for use between systems.
T F 10. Base64 transfer encoding is also known as radix-64.
T F 11. Integrity-related email security threats could result in
unauthorized disclosure of sensitive information.
T F 12. The MIME-Version field must have the parameter value 1.0 in
order for the message to conform to RFCs 2045 and 2046.
T F 13. For the text type of body no special software is required to get the
full meaning of the text aside from support of the indicated
character set.
T F 14. The objective of MIME Transfer Encodings is to provide reliable
delivery across the largest range of environments.
T F 15. DKIM is designed to provide an email authentication technique
that is not transparent to the end user.
MULTIPLE CHOICE
1. __________ is a security enhancement to the MIME Internet email format
standard based on technology from RSA Data Security.
A. S/MIME B. SPF
C. DKIM D. HTTPS
2. S/MIME provides authentication through the use of _________ .
A. asymmetric block encryption B. symmetric block encryption
C. radix-64 D. digital signatures
3. S/MIME provides e-mail compatibility using the __________ encoding scheme.
A. radix-64 B. MIME
C. digital signature D. symmetric block
4. __________ email security threats could prevent end users from being able to
send or receive email.
A. Authenticity-related B. Integrity-related
C. Confidentiality-related D. Availability-related
5. There are ______ types of protocols used for transferring email.
A. two B. four
C. six D. three
6. MIME is an extension to the ________ framework that is intended to address
some of the problems and limitations of the use of SMTP.
A. RFC 821 B. RFC 5322
C. RFC 3852 D. RFC 4871
7. The ________ MIME field is a text description of the object with the body; this
is useful when the object is not readable (e.g. audio data).
A. Content-Type B. Content-Description
C. Content-ID D. Content-Transfer-Encoding
8. The __________ field is used to identify MIME entities uniquely in multiple
contexts.
A. Content-Transfer-Encoding B. Content-ID
C. Content-Description D. Content-Type
9. Video content will be identified as _________ format.
A. GIF B. MPEG
C. BMP D. JPEG
10. The __________ subtype is used when there are multiple independent body
parts that need to be bundled in a particular order.
A. multipart/digest B. multipart/parallel
C. multipart/mixed D. multipart/alternative
11. For the __________ subtype the order of the parts is not significant.
A. multipart/mixed B. multipart/digest
C. multipart/alternative D. multipart/parallel
12. S/MIME cryptographic algorithms use __________ to specify requirement level.
A. CAN and MUST B. SHOULD and CAN
C. SHOULD and MIGHT D. SHOULD and MUST
13. ___________ allows email senders to specify policy on how their mail should be
handled, the types of reports that receivers can send back, and the frequency
at which those reports should be sent.
A. MUA B. DMARC
C. DKIM D. MTA
14. The _________ accepts the message submitted by a Message User Agent and
enforces the policies of the hosting domain and the requirements of Internet
standards.
A. Message Store B. Mail Submission Agent
C. Message Transfer Agent D. Mail Delivery Agent
15. Typically housed in the user’s computer, a _________ is referred to as a client
e-mail program or a local network e-mail server.
A. Mail Submission Agent B. Message Transfer Agent
C. Message Store D. Message User Agent
SHORT ANSWER
1. ___________ is an open-source, freely available software package for e-mail
security which has essentially the same functionality as S/MIME.
2. There are two significant differences between S/MIME and OpenPGP: key
certification and _____________.
3. S/MIME provides for four message-related services: authentication, _________ ,
compression, and email compatibility.
4. To provide transparency for e-mail applications, an encrypted message may
be converted to an ASCII string using _________ conversion.
5. ________ is the standardized way for a sending domain to identify and assert
the mail senders for a given domain.
6. The two types of reports that DMARC reporting provides are aggregate
reports and _________ reports.
7. __________ is a security enhancement to the MIME Internet e-mail format
standard based on technology from RSA Data Security.
8. The __________ MIME field describes the data contained in the body with
sufficient detail that the receiving user agent can pick an appropriate agent
or mechanism to represent the data to the user or otherwise deal with the
data in an appropriate manner.
9. The _________ type refers to other kinds of data, typically either uninterpreted
binary data or information to be processed by a mail-based application.
10. The _________ transfer encoding is useful when the data consists largely of
octets that correspond to printable ASCII characters.
11. The _________ transfer encoding, also known as radix-64 encoding, is a
common one for encoding arbitrary binary data in such a way as to be
invulnerable to the processing by mail-transport programs.
12. _________ is a protocol to allow X.509 certificates, commonly used for
Transport Layer Security (TLS), to be bound to DNS names using DNSSEC.
13. ___________ is a directory lookup service that provides a mapping between the
name of a host on the Internet and its numeric IP address.
14. __________ is a specification for cryptographically signing e-mail messages,
permitting a signing domain to claim responsibility for a message in the mail
stream; message recipients can verify the signature by querying the signer’s
domain directly to retrieve the appropriate public key and thereby
confirming that the message was attested to by a party in possession of the
private key for the signing domain.
15. S/MIME uses the following message content types: Data, SignedData,
EnvelopedData, and ___________ .