AP Cybersecurity Unit 3 Lesson 6 Quiz
Lesson 3.6 Quiz: Secure Network Protocols
5 questions — Demonstrate your understanding of secure protocol implementations
Crossroads Logistics is hardening its network protocols after a compliance audit found multiple insecure services in production. Fleet GPS trackers, warehouse scanners, and the corporate office all communicate using a mix of legacy and modern protocols.
(B) Incorrect — SSH provides remote terminal access, not web/API data transfer. The scanners use HTTP-based communication.
(C) Incorrect — SMTP is an email protocol, not a replacement for HTTP-based data transmission.
(D) Incorrect — DoH encrypts DNS queries, not application data. The inventory data still needs HTTPS.
(A) Valid TLS function — the server proves its identity with a certificate signed by a trusted CA.
(B) Valid TLS function — both sides agree on encryption parameters (cipher suite).
(D) Valid TLS function — a symmetric session key is derived for efficient bulk encryption.
Root CA → Intermediate CA → dispatch.crossroadslogistics.com
The technician’s browser trusts the Root CA. Which statement is CORRECT?
(A) Incorrect — the browser must verify the entire chain back to a trusted root, not just the server cert alone.
(C) Incorrect — CAs are organizations that issue certificates; they do not need physical presence at the server location.
(D) Incorrect — certificate chains are universal across all HTTPS websites, not limited to government sites.
(A) Incorrect — VPN protocols work over any IP network, including cellular.
(C) Incorrect — lightweight VPN implementations (like WireGuard) exist for embedded devices, though with resource constraints.
(D) Incorrect — the VPN provider is Crossroads itself; the tunnel encrypts data from the tracker to HQ directly.
(A) Incorrect — WPA3 encrypts wireless frames at Layer 2; it does not provide application-layer encryption for HTTPS/SFTP/SSH.
(C) Incorrect — IPsec operates at the network layer; HTTPS and SSH operate at the application/transport layer independently of IPsec.
(D) Incorrect — AES-256 is one cipher option; these protocols support multiple algorithms and negotiate the cipher during handshake.
AP® is a registered trademark of the College Board, which was not involved in the production of this content.
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
Prefer email? Reach me directly at [email protected]