Correction 70-293 pratice test from ms press

Discussion in 'MCSE' started by Konoki, Oct 14, 2008.

  1. Konoki

    Konoki Guest

    Well I've been cramming for the MCSE test since I have been out of work and
    I just ran across an incorrect answer from the Microsoft MCSE self-pace
    training kit for test 70-293 from Microsoft press (yes I did check the ms
    web site to look for this correction already). Ok let me know if I am wrong
    here but it really does look like a fubar.




    (Question)

    You are a security engineer for an insurance agency. The company transmits
    sensitive documents to one of its customers. You need to ensure that only
    the customer can decipher the documents. The Customer also needs to be
    assured that the documents were transmitted from your company. Your company
    already has a public key pair that can be used for encryption, decryption
    and signing.



    Then it tells you to select from a list the steps that you should take so
    securely transmit a document to the customer.



    (Available options)



    Sign the documents using the private key of the customer.

    Sign the document using the public key of the customer.

    Encrypt the document using the private key of the customer.

    Obtain a private key from the customer.

    Encrypt the document using the private key of the company.

    Encrypt the document using the public key of the company.

    Sign the document using the public key of the company.

    Obtain a public key pair from the customer.

    Obtain a public key from the customer.

    Encrypt the document using the public key of the customer.

    Sign the document using the private key of the company.



    (Their Answer)



    Obtain a public key pair from the customer.

    Encrypt the document using the public key of the customer.

    Sign the document using the public key of the company.



    (Their Explanation "which differes from their answer and which I believe to
    be correct")



    You should first obtain a public key from the customer. The customer will
    need to generate this key along with a corresponding private key. The
    customer should generally give the public key to all users who need to
    encrypt and send the documents to the customer.



    You should then encrypt the document with the customer's public key. Once
    the documents is encrypted, only the corresponding private key can be used
    to decrypt the document.



    You should sign the document using the company's private key. This ensures
    that the documents have not been tampered with when the customer receives
    it. The customer will need to have your company's public key.




    (Comments)

    The differences are the answer states that you obtain a key pair and
    actually you just obtain a public key.



    Next difference is they say you should use your companies public key to
    state that is it from you and then they say you should use your companies
    private key to ensure it is from you.



    For anybody studying for this test it is easy to over look and I did the
    first 4 times I went over that question.
     
    Konoki, Oct 14, 2008
    #1
    1. Advertising

  2. "Konoki" <> wrote in message
    news:...
    > Well I've been cramming for the MCSE test since I have been out of work
    > and I just ran across an incorrect answer from the Microsoft MCSE
    > self-pace training kit for test 70-293 from Microsoft press


    Welcome to the club!... There are those who have... and those who have not
    yet studied. :)

    > (Question)
    >
    > You are a security engineer for an insurance agency. The company transmits
    > sensitive documents to one of its customers. You need to ensure that only
    > the customer can decipher the documents. The Customer also needs to be
    > assured that the documents were transmitted from your company. Your
    > company already has a public key pair that can be used for encryption,
    > decryption and signing.
    >
    > Then it tells you to select from a list the steps that you should take so
    > securely transmit a document to the customer.


    > You should first obtain a public key from the customer. The customer will
    > need to generate this key along with a corresponding private key. The
    > customer should generally give the public key to all users who need to
    > encrypt and send the documents to the customer.
    >
    > You should then encrypt the document with the customer's public key. Once
    > the documents is encrypted, only the corresponding private key can be used
    > to decrypt the document.
    >
    > You should sign the document using the company's private key. This ensures
    > that the documents have not been tampered with when the customer receives
    > it. The customer will need to have your company's public key.


    > (Comments)
    >
    > The differences are the answer states that you obtain a key pair and
    > actually you just obtain a public key.


    A valid semantical difference.

    > Next difference is they say you should use your companies public key to
    > state that is it from you and then they say you should use your companies
    > private key to ensure it is from you.



    The explanation is actually correct, not the answer. You encrypt the
    document with the recipient's public key so that only the intended recipient
    (who possesses the only private key) can decrypt the document. You then sign
    the document (always!) with your private key so that ANYBODY can use your
    public key to verify that you're the sender of the message.


    --
    Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)

    MS WSUS Website: http://www.microsoft.com/wsus
    My Websites: http://www.onsitechsolutions.com;
    http://wsusinfo.onsitechsolutions.com
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
     
    Lawrence Garvin, Oct 14, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. its me

    pratice test or exam???

    its me, Sep 10, 2004, in forum: MCSD
    Replies:
    0
    Views:
    506
    its me
    Sep 10, 2004
  2. its me

    pratice test or exam???

    its me, Sep 10, 2004, in forum: MCSE
    Replies:
    4
    Views:
    621
    BrianS
    Sep 10, 2004
  3. Guest

    test test test test test test test

    Guest, Jul 2, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    1,042
    halfalifer
    Jul 2, 2003
  4. its me

    pratice test or exam???

    its me, Sep 10, 2004, in forum: MCAD
    Replies:
    0
    Views:
    349
    its me
    Sep 10, 2004
  5. its me

    pratice test or exam???

    its me, Sep 10, 2004, in forum: MCDST
    Replies:
    0
    Views:
    350
    its me
    Sep 10, 2004
Loading...

Share This Page