CompTIA+ Chapter 4 Flashcards
Third party
An entity that is trusted by others
Digital certificate
A technology used to associate a user’s identity to a public key and that has been “digitally signed” by a trusted third party
Certificate authority
Entity that is responsible for digital certificates
Registration authority
Entity responsible for verifying credentials of the applicant that is applying for a digital certificate
Certificate signing request (CSR) generation
The process for requesting a digital certificate
Certificate repository
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
Certificate revocation list (CRL)
List of certificate serial numbers that have been revoked
Online certificate status protocol (OCSP)
Process that performs a real-time lookup of a certificate’s status
Root of trust
Tracing a certificate back to the highest level of a CA
Self-signed
A signed digital certificate that does not depend on any higher-level authority for authentication
Root digital certificate
Digital certificate that is created and verified by a CA
Intermediate certificates
Digital certificates that have been issued by intermediate CAs. Next level of trust after root digital certificate
User digital certificate
Endpoint of a certificate chain
Domain validation digital certificate
Verifies the identity of the entity that has control over the domain name. Simply verifies who has control and not the trustworthiness of the individuals behind the site
Extended Validation (EV) certificate
More extensive verification of the legitimacy of the business.
Wildcard digital certificate
A certificate used to validate a main domain along with all subdomains.
Subject Alternative Name (SAN)
Allows a single digital certificate to specify additional host names to be protected and permits a certificate to cover multiple IP addresses
Machine/Computer digital certificate
Verifies the identity of a device in a network transaction
Code signing
A process by which software developers digitally sign a program to prove that the software comes from the entity that signed it and that no unauthorized third party has altered it
Email digital certificate
Allows a user to digitally sign and encrypt mail messages
Public key infrastructure (PKI)
The underlying infrastructure for the management of keys and digital certificates at scale
Key management system
A method of controlling public keys, private keys, and digital certificates
Hierarchical trust model
One master CA, called the root, signs all digital certificate authorities with a single key
Distributed trust model
Multiple CAs can sign digital certificates. CAs can delegate authority to other intermediate CAs to sign digital certificates