Which of the following is NOT true regarding PCRs in attestation?

Multiple Choice

Which of the following is NOT true regarding PCRs in attestation?

Explanation:
Platform Configuration Registers (PCRs) in attestation hold measurements that reflect the current state of the system. They aren’t a place to stash data; they’re updated by extending with new measurements, so each PCR value becomes a rolling hash that represents the sequence of measured events from boot through runtime. This design lets a verifier check what the platform looked like at a specific moment without needing to trust the machine itself.

Because of that, PCRs store measured values (or the hashed form of those measurements) and are actively extended during boot and runtime events, building a tamper-evident log of the platform state. Attestation quotes are generated to sign the PCR values, proving to a remote party what the platform state is at the moment of the quote.

Storing password hashes in PCRs is not how the system is designed to work. PCRs are meant to reflect measurements of firmware, bootloaders, kernels, and other components, not secrets. Password hashes belong in secure storage or protected vaults and are handled by authentication mechanisms, not by PCR-based measurements.
