1/14
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
A type of digital document that verifies the identity of an individual, device, service, or organization in online communications is known as:
-Encryption key
-Digital certificate
-Identity token
-Digital signature
-Digital certificate
What is the role of RA in PKI? (Select 2 answers)
-Accepting requests for digital certificates
-Validating digital certificates
-Authenticating the entity making the request
-Providing backup source for cryptographic keys
-Issuing digital certificates
-Accepting requests for digital certificates
-Authenticating the entity making the request
Which of the answers listed below refers to a trusted third party responsible for issuing, revoking, and managing digital certificates?
-RA
-DN
-CA
-CSP
-CA (Certificate Authority)
Which of the following answers refers to a means for periodic publication of all digital certificates that have been revoked?
-CRL
-OSPF
-RA
-CSR
-CRL (Certificate Revocation List)
Which of the answers listed below refers to a protocol that enables on-demand querying of the revocation status of a digital certificate?
-CSP
-OCSP
-DN
-CRL
-OCSP (Online Certificate Status Protocol)
What is the fastest way to check the validity of a single digital certificate?
-CSR
-DN
-CRL
-OCSP
-OCSP (Online Certificate Status Protocol)
Which of the following answers can be used to describe self-signed digital certificates? (Select 3 answers)
-Backed by a well-known and trusted third party
-Not trusted by default by web browsers and other applications
-Used in trusted environments, such as internal networks and development environments
-Suitable for websites and other applications that are accessible to the public
-Trusted by default by web browsers and other applications
-Not backed by a well-known and trusted third party
-Not trusted by default by web browsers and other applications
-Used in trusted environments, such as internal networks and development environments
-Not backed by a well-known and trusted third party
A self-signed digital certificate is also referred to as:
-Client certificate
-EV certificate
-Server certificate
-Wildcard certificate
-None of the above
-None of the above
Third-party digital certificates, issued by trusted CAs, are automatically trusted by most browsers and operating systems, involve a cost, and require validation of the applicant's identity. In contrast, self-signed certificates, issued by the entity to itself, are not automatically trusted, are free to create and use, and do not require validation by a CA.
-True
-False
-True
In the context of digital certificates, the term "Root of trust" refers to the highest level of trust within a PKI system. It is typically represented by a root CA, which is a trusted third party that serves as the foundation for the entire PKI. All other entities in the PKI hierarchy, including intermediate CAs and end-entities (such as web servers, email servers, user devices, IoT devices, and individual users), derive their trust from this root. When a certificate is issued and signed by an intermediate CA, it gains trust through a chain of trust back to the root CA. This hierarchical trust model allows users and systems to trust certificates presented by websites, services, or individuals because they can trace the trust back to the well-established root of trust.
-True
-False
-True
Which of the answers listed below refers to a PKI trust model?
-Single CA model
-Hierarchical model (root CA + intermediate CAs)
-Mesh model (cross-certifying CAs)
-Web of trust model (all CAs function as root CAs)
-Chain of trust model (multiple CAs in a sequential chain)
-Bridge model (cross-certifying between separate PKIs)
-Hybrid model (combining aspects of different models)
-All of the above
-All of the above
Which of the following answers refers to a cryptographic file generated by an entity requesting a digital certificate from a CA?
-OID
-CSR
-DN
-CRL
-CSR (Certificate Signing Request)
A type of digital certificate that can be used to secure multiple subdomains within a primary domain is called:
-Root signing certificate
-Subject Alternative Name (SAN) certificate
-Extended Validation (EV) certificate
-Wildcard certificate
-Wildcard certificate
Which digital certificate type allows to secure multiple domain names or subdomains with a single certificate?
-Extended Validation (EV) certificate
-Wildcard certificate
-Subject Alternative Name (SAN) certificate
-Root signing certificate
-Subject Alternative Name (SAN) certificate
Which of the answers listed below refers to an identifier used for PKI objects?
-OID
-DN
-SAN
-GUID
-OID (Object Identifier)