How does a certificate authority keep a list of valid certificates up‐to‐date?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionABy doing periodic CA updateoptionBBy using certificate revocation listsoptionCBy re‐validating identitiesoptionDBy hashing the list
Question
How does a certificate authority keep a list of valid certificates up‐to‐date?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionABy doing periodic CA updateoptionBBy using certificate revocation listsoptionCBy re‐validating identitiesoptionDBy hashing the list
Solution
A Certificate Authority (CA) keeps a list of valid certificates up-to-date primarily by using a Certificate Revocation List (CRL).
Here's a step-by-step explanation:
-
A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date.
-
There are several reasons a certificate might be revoked such as the private key associated with the certificate has been compromised or the entity that was issued the certificate no longer exists.
-
The CA updates the CRL periodically and as needed. For example, if a certificate is revoked, it will be added to the CRL.
-
When a server or client needs to check whether a certificate is valid, it can download the latest CRL and check if the certificate is listed on it. If the certificate is listed on the CRL, it has been revoked and is not valid.
So, the correct answer to your question is option B: By using certificate revocation lists.
Similar Questions
Your organization issues certificates to users by collecting information from the user and then generating the key to provide to the user. Which of the following is responsible for this?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionACAoptionBPKIoptionCOCSPoptionDCRL
Why would you use PGP instead of using a certificate authority?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAYou preferred a decentralized approach.optionBYou preferred a centralized approach.optionCYou preferred the use of X.509 certificates.optionDYou preferred TLS over AES.
Question 51 :When a Web server generates a certificate request, what is contained in the certificate request file?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAAn algorithm to create a key pair setoptionBA program to run an initial SSL session for setupoptionCA digital signature authorizing the issue of a certificateoptionDReply information such as business name, contact and IP address
Which feature of digital certificates prevents tampering and ensures data integrity?Expiration datesDigital signaturesEncryption algorithmsCertificate chains
What elements of a certificate are inspected when a certificate is verified? Check all that apply."Not valid before" dateTrust of the signatory CA"Not valid after" dateCertificate key size
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.