3.5
Which of the following conditions does not result in a certificate being added to the certificate revocation list? Committing a crime using the certificate Invalid identity credentials Certificate expiration Private key compromise
Certificate expiration
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted? Identifying data with the MAC and IP addresses to the root certificate authority (CA) Identifying data with the 3DES block cipher to the hosting certificate authority (CA) Identifying data and a certification request to the registration authority (RA) Identifying data and a secret key request to the subordinate distribution authority (DA)
Identifying data and a certification request to the registration authority (RA)
Which of the following items are contained in a digital certificate? (Select two.) Private Key Root CA secret key Validity period Public Key
Validity period Public Key
When is the best time to apply for a certificate renewal? Near the end of the certificate's valid lifetime After a certificate has been revoked Just after a certificate expires Immediately after a certificate is issued
Near the end of the certificate's valid lifetime
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server? Create your own internal PKI to issue certificates. Have the server generate its own certificate. Run a thirdparty tool to generate the certificate. Obtain a certificate from a public PKI.
Obtain a certificate from a public PKI.
What technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large complex environments? Private Key Recovery Certificate Revocation List Online Certificate Status Protocol Key Escrow
Online Certificate Status Protocol
A PKI is a method for managing which type of encryption? Asymmetric Steganography Symmetric Hashing
Asymmetric
Which of the following would you find on a CPS? A list of revoked certificates A list of issued certificates A description of the format for a certificate A declaration of the security that the organization is implementing for all certificates
A declaration of the security that the organization is implementing for all certificates ( Certificate Practice Statement (CPS))
What is a PKI? An algorithm for encrypting and decrypting data A hierarchy of computers for issuing certificates A program that generates key pairs A protocol that defines secure key exchange
A hierarchy of computers for issuing certificates
The ________ is an entity trusted to issue, store, and revoke digital certificates
Certificate Authority (CA)
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact? Enrollment agent Certification authority Recovery agent Registration authority
Recovery agent
Which of the following is an entity that accepts and validates information contained within a request for a certificate? Registration authority Certificate authority Enrollment agent Recovery agent
Registration authority
What is the purpose of key escrow? To grant the certificate authority full control over the communication environment To provide a means to recover from a lost private key Collection of additional fees over the life of using a public digital certificate To provide a means for legal authorities to access confidential data
To provide a means for legal authorities to access confidential data
Which aspect of certificates makes them a reliable and useful mechanism for proving the identity of a person, system, or service on the Internet? Trusted thirdparty Electronic signatures It is a digital mechanism rather than a physical one Ease of use
Trusted thirdparty (Certificate Authority)
How many keys are used with Public Key Cryptography? One Two Three Four
Two
In what form of key management solution is key recovery possible? Public Hierarchical Centralized Decentralized
centralized (Only a centralized key management solution provides a key escrow service that allows for key recovery to occur)