Public Key Infrastructure

You are asked by the senior system administrator to refresh the SSL certificates on the web servers. The process is to generate a certificate signing request (CSR), send it to a third party to be signed, and then apply the return information to the CSR. What is this an example of?

A certificate authority consists of which of the following?

Your manager wants you to review the company’s internal PKI system’s CPS for applicability and verification and to ensure that it meets current needs. What are you most likely to focus on?

You are preparing an e-mail to send to a colleague at work, and because the message information is sensitive, you decide you should encrypt it. When you attempt to apply the certificate that you have for the colleague, the encryption fails. The certificate was listed as still valid for another year, and the certificate authority is still trusted and working. What happened to this user’s key?

Which of the following is a requirement for a CRL?

What does OCSP do?

The X.509 standard applies to which of the following?

You are browsing a website when your browser provides you with the following warning message: “There is a problem with this website’s security certificate.” When you examine the certificate, it indicates that the root CA is not trusted. What most likely happened to cause this error?

You are issued a certificate from a CA, delivered by e-mail, but the file does not have an extension. The e-mail notes that the root CA, the intermediate CAs, and your certificate are all attached in the file. What format is your certificate likely in?

Why is pinning more important on mobile devices?