Which statement about enrollment in the IP telephony PKI is true? (Source. Understanding Cisco IP Telephony Authentication and Encryption Fundamentals)
A.
CAPF enrollment supports the use of authentication strings.
B.
The CAPF itself has to enroll with the Cisco CTL client.
C.
LSCs are issued by the Cisco CTL client or by the CAPF.
D.
MICs are issued by the CAPF itself or by an external CA.
Explanation:
The CAPF enrollment process is as follows:
1. The IP phone generates its public and private key pairs.
2. The IP phone downloads the certificate of the CAPF and uses it to establish a TLS session
with the CAPF.
3. The IP phone enrolls with the CAPF, sending its identity, its public key, and an optional
authentication string.
4. The CAPF issues a certificate for the IP phone signed with its private key.
5. The CAPF sends the signed certificate to the IP phone.
Link: http://my.safaribooksonline.com/book/certification/cipt/9781587052613/understanding-cisco-ip-telephony-authentication-and-encryption-fundamentals/584.