Self-Sovereign Identity – Exam of the Academy

2
Creato il Per Jacopo Sesana

Self-Sovereign Identity Master – Exam of the Academy

Well, you’ve come to the Self-Sovereign Identity Academy exam. Are you ready to test your skills on this topic?

Some information before proceeding with the test:

  • 60 True or False Questions
  • 30 minutes of time
  • Above 60% you get the verifiable credential signed by SSI Academy, Dizme Foundation (a Linux foundation), NGC, and NYM lab s.r.

1 / 60

A data leak is the unauthorized transmission of data from within an organization to an external recipient.

2 / 60

Verifiable credentials and submissions MUST have the “type” property. Any unprovided credential or presentation is still verifiable.

3 / 60

The social login follows the scheme of the centralized identity authentication model.

4 / 60

The proof that the credential was issued by a specific university is given by the digital signature contained within the DID Document.

5 / 60

In 2020, the average cost per data breach is over 3 million dollars.

6 / 60

A DID-based blockchain that supports the Universal Resolver must define and implement a DID driver

7 / 60

OAuth 2 is a framework built on OpenID Connect.

8 / 60

OAuth 2 uses a digitally signed SAML token with limited and self-referential time validity.

9 / 60

Each entity can have a limited number of ones.

10 / 60

Thanks to cryptography, distributed science, and game theory, a blockchain is a great shared and public root of trust.

11 / 60

A zero-knowledge test is a cryptographic method in which an entity can try to another entity to know a certain value without revealing the actual value.

12 / 60

The “id” property is intended to unequivocally refer to an object, a person, a product, or an organization.

13 / 60

Within the GDPR, we find the principle of minimization within Art. 5, of Art. 51 in Art. 25, in Art 89.

14 / 60

With a credential, it is also possible to express information concerning several subjects.

15 / 60

There is only one case in which a verifiable credential can be contested: a person disputes a claim made by the issuer.

16 / 60

The “issuance data” property expresses the date and time when a credential becomes invalid.

17 / 60

An identity provider is in charge of managing the digital identity and executing the authentication mechanism.

18 / 60

In Italy, the digital identity companies must be accredited by Poste Italiane S.p.A.

19 / 60

All entities count on the data log to be tamper-proof and to be a correct record of entity-controlled data.

20 / 60

It is also useful to enable a manual or automatic refresh system of an active credential.

21 / 60

When identifiers are used, there is a need to contact the issuer of the identifier for verification.

22 / 60

Verification of a user’s identity occurs through the exchange of data, called assertions.

23 / 60

If a digital signature is used for the validation mechanism, the “proof” property must contain the name of the signatory, a reference, and the date on which he signed.

24 / 60

The owner expects that the credentials are securely stored in their virtual wallet, that they are not released to third parties, and that they are not tampered with or lost.

25 / 60

Personal data, such as the identity card number, address, and full name, can be easily used to determine, track and correlate an entity.

26 / 60

The aggregation of information deriving from different presentations is the most common use of credentials.

27 / 60

A DID-based blockchain that supports the Universal Resolver must define and implement a URL dereferent.

28 / 60

The “id” property MUST NOT have more than one value.

29 / 60

Hash functions and Merkle trees are used in distributed ledgers and blockchains to ensure interoperability between systems.

30 / 60

In the centralized model, the user does not have a direct relationship with the RP, while the IdP manages the personal data in its database.

31 / 60

The verifiable presentation must not disclose information that the holder has no intention of disclosing.

32 / 60

Distributed Ledger technologies are included in the larger blockchains family.

33 / 60

A Self-Issued OP provides remote authentication, without using direct OPs.

34 / 60

Since the anti-correlation properties are a fundamental requirement within the verifiable credential system, it is strongly recommended that the identifiers are:

  • Linked to a single origin
  • Multipurpose
  • Not used entirely, or replaced by new tokens.

35 / 60

The creation date of the DID (timestamp) is within the DID Document.

36 / 60

The identity provider is able to exploit economies of scale to reduce the costs of its infrastructures.

37 / 60

EBSI is a joint initiative of the European Commission and the European Blockchain Partnership (EBP) created to provide public services to European citizens using blockchain technology.

38 / 60

Using the “credential schema” property is to allow validation through the zero-knowledge proof.

39 / 60

The issuer includes the terms in the verifiable credential, while the holder places them within the verifiable presentation.

40 / 60

The value of the “id” property MUST be a URI.

41 / 60

DID methods are the mechanism by which a particular type of DID and its corresponding document is created, resolved, updated, and deactivated.

42 / 60

Credentials are issued, transferred, and verified through the use of digital wallets.

43 / 60

SAML 2.0 refers to the XML variant language.

44 / 60

The “type” property, in other words, identifies the subject of the credential.

45 / 60

Digital identity is a data-driven and transaction-maintained private individual personality model intended to be used by a delegation from the individual.

46 / 60

The DID level is the fundamental one, made up of DIDs registered and solved through distributed ledgers.

47 / 60

ESSIF is a joint initiative of the European Commission and the European Blockchain Partnership (EBP) created to provide public services to European citizens using blockchain technology.

48 / 60

Verifiable presentation enhances data minimization.

49 / 60

The aggregation of information deriving from different credentials is the most common use of presentations.

50 / 60

Phishing is a computer scam carried out by sending cleverly forged e-mails.

51 / 60

The creation date of the DID (timestamp) is within the DID URL.

52 / 60

One of the objectives of the model is to enable innovation without permission.

53 / 60

Only some verifiable credentials and presentations MUST contain the “context” property.

54 / 60

By definition, the controller of a DID is the entity identified by the DID.

55 / 60

SPID relies on the SAML security protocol.

56 / 60

The principle called transparency aims to define the goal of making data transparent to facilitate reading.

57 / 60

Different will be network and distributed ledgers, different will also be the did method.

58 / 60

A verifiable credential contains statements regarding one or more subjects. This specification defines the “credential subject” property.

59 / 60

Decentralized Identifiers (DIDs) constitute a new type of unique identifier, similar to URIs.

60 / 60

The digital identity market could achieve an economic value equivalent to 15% of GDP in 2030.

Il tuo punteggio è

The average score is 51%

0%