PKI drill

___is the standard that defines the format used with public key digital certificates

x.509

an entity looking to obtain a digital certificate will create and submit a ___ to the CA to formally request the certificate

CSR

which mechanisms from the list below can be checked to verify the validity of a digital certificate?

CRL

OCSP

OSCP

CSR

CRL, OCSP

what action does a CA take prior to publishing a CRL to ensure the list can be validated as authentic by those checking it for certificate statuses

CA signs the list with the CA’s own private key

_____is a public key cryptography standard used to sign and/ or encrypt messages for PKI

PKCS #7

an entity looking to obtain a digital certificate must first generate an_____

asymmetric key pair

certificate creation occurs during which stage of certificate management?

initialization

certificate revocation lists are published by____

the issuing CA

the timeframe a digital certificate is considered to be valid and can be trusted is known as the ____

period of validity

which encoding scheme for X.509 certificates supports binary format

DER

certificate validation occurs during which stage of certificate management?

issued

public key cryptography involves the use of a ___ for encryption and decryption

key pair (one private, one public key)

if Shawn were to generate a CSR to submit to a CA, what PKCS standard would be used?

PKCS #10

a ____ is a trusted third party that creates and issues digital certificates

CA

an entity seeking a digital certificate will provide the CA with ___ and ___ as part of the initial request

a CSR; their public key

which public key cryptography standard is used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust?

PKCS #12

certificate revocation occurs during which stage of certificate management?

cancellation

___describes the condition where a certificare is moved to an invalid or untrusted state before its original expiration data that cannot be reversed

revoked

a ___ validates the unique identifying information and public key information submitted by a requester and creates a digital certificate which essentially binds the requester’s identity and public key to the certificate

CA

which encoding scheme for X.509 certificates supports Base64 and ASCII text formats?

PEM

which common x.509 certificate file supports formats used by the PEM and DER encoding schemes?

.CER

certificate expiration occurs during which stage of certificate management?

cancellation

what will certificate authority (CA) do just before issuing a digital certificate to a requesting entity?

CA will sign the certificate with its own private key

___ is a public key cryptography stnadard used for password-based encryption

PKCS #5

___describes the condition where a certificate is moved to an invalid or untrusted state prior to its orignal expiration date, that can be reversed following investigation resolution

Hold