Which of the following statements regarding Certificate Revocation List (CRL) is valid when using PKI?

Which of the following statements regarding Certificate Revocation List (CRL) is valid when using PKI?

Which of the following statements regarding Certificate Revocation List (CRL) is valid when using PKI?

A.
The CRL resides on the CA server and is built by querying the router or PIX to determine which clients’ certificate status in the past.

B.
The CRL is used to check presented certificates to determine if they are revoked.

C.
A router or PIX will not require that the other end of the IPSec tunnel have a certificate if the crl optional command is in place.

D.
The router’s CRL includes a list of clients that have presented invalid certificates to the router in the past.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *