PKI

Question 1

a trusted third party that issues digital certificates for creating digital signature and public-private key pairs

Answer 1

CA

Question 2

used to store a binary representation of a digital certificate

Answer 2

DER

Question 3

allows multiple domains to be protected by a single certificate

Answer 3

SAN (Subject Alternative Name) certificate

Question 4

certificate type that allows multiple subdomains to be protected by a single certificate

Answer 4

Wildcard certificate

Question 5

verifying the authenticity of a newly received cert by checking all of the certs in the chain of certs from a trusted root CA, through intermediate CAs, down to the certificate issued to the end user

Answer 5

Certificate chaining

Question 6

security mechanism that allows HTTPS websites to resist impersonation by attackers using fraudulent certificates

Answer 6

HPKP (HTTP Public Key Pinning)

Question 7

allows for checking digital certificate revocation status without contacting CA. Fastest way to validate digital certificate

Answer 7

OCSP stapling

Question 8

method for requesting digital cert

Answer 8

CSR

Question 9

allow to check whether a digital cert has been revoked

Answer 9

CRL & OCSP

Question 10

digital cert formats commonly used to store private keys

Answer 10

PFX & P12

Question 11

most common format in which CAs issue certs

Answer 11

PEM