CompTIA Security Plus Mock Test Q1085

Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?

A. PKI
B. ACL
C. CA
D. CRL


Correct Answer: D
Section: Cryptography

Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.

Incorrect Answers:
A: A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
Within a PKI you can use CRL to meet the requirements in this question.
B: Access control lists (ACLs) enable devices in your network to ignore requests from specified users or systems or to grant them access to certain network capabilities. ACLs cannot
be used for certificates or keys.
C: In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. You don’t use a CA to store revoked certificates.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 156-157, 279-280, 279-285, 285