8.6.7 Check Your Understanding – PKI Assessment

1. Which certificate is the most trusted?

  • Class 0
  • Class 1
  • Class 2
  • Class 3
  • Class 4
  • Class 5

Explanation: The class number is determined by how rigorously the identity of the holder was verified when the certificate was issued. The higher the class number, the more trusted the certificate.

2. On large networks, which two of the following methods are used to link PKI CAs?

  • Cross-certified CA Topologies
  • Individually-certified CA Topologies
  • Hierarchical CA Topologies
  • Top-down CA Topologies

Explanation: On larger networks, PKI CAs may be linked using two basic architectures: cross-certified CA topologies and hierarchical CA topologies.

3. Which of the following is NOT an X.509 v3 application?

  • SSL
  • LDAP
  • EAP-TLS
  • IPsec

Explanation: The X.509 format is already extensively used in the infrastructure of the internet. This includes applications such as SSL, S/MIME, EAP-TLS, and IPsec.

4. Which two of the following methods are used to revoke a digital certificate?

  • POTS
  • OCSP
  • OOB
  • CRL

Explanation: A digital certificate can be revoked if the key is compromised or if it is no longer needed. The two most common methods of revocation are Online Certificate Status Protocol (OCSP) and Certificate Revocation List (CRL).
