Implementing Public Key Infrastructure (PKI) Flashcards

1
Q

A software process that authenticates through certificates wants to check to see if a certificate is still valid. What can the process check?

A

CRL and OCSP

Certificate authorities (CAs) must maintain a certificate revocation list (CRL) of all revoked and suspended certificates, which they can distribute throughout the hierarchy.

Rather than return a whole CRL, an Online Certificate Status Protocol (OCSP) server communicates the status of the requested certificate.

2
Q

A developer wants to create a certificate to show the browser plugin is trusted. What could the developer use?

A

Code signing

A code signing certificate is issued to a software publisher following some type of identity check and validation process by the certificate authority (CA).

3
Q

A network administrator is searching for an open source network access control (NAC) solution to integrate with the company’s public key infrastructure (PKI) environment. What could the administrator use?

A

PacketFence

PacketFence is an open source NAC (Network Access Control) solution that can work with Microsoft public key infrastructure (PKI).

4
Q

A website administrator wants a digital certificate that requires more rigorous checks. What could the administrator try to use?

A

EV

Extended Validation (EV) is subject to a process that requires more rigorous checks on the subject’s legal identity and control over the domain or software the certificate authority (CA) signs.

5
Q

A Windows client administrator is implementing a solution for data in use. What is an example of security protection for data in use?

A

Software Guard Extensions

Trusted execution environment (TEE) mechanisms, such as Intel Software Guard Extensions, can encrypt data as it exists in memory so that an untrusted process cannot decode the information.

6
Q

A systems manager is in charge of endpoint devices and wants to specify using a trusted CA. What should the systems manager specify?

A

Trusted providers

Trusted providers involve pre-configured lists of certificate authorities (CAs), which are most often found stored within modern browsers or within the configuration of the operating system.
