Which of the following describes a service that could m…

A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could
meet these requirements?

A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could
meet these requirements?

A.
OCSP

B.
PKI

C.
CA

D.
CRL

Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.
Incorrect Answers:
A: OCSP is a protocol, not a database.
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate.
B: A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke
digital certificates. Within a PKI you can use CRL to meet the requirements in this question.
C: In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. You don’t use a CA to store revoked certificates.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 262, 279-280, 279-285, 285



Leave a Reply 0

Your email address will not be published. Required fields are marked *