PrepAway - Latest Free Exam Questions & Answers

Where in a PKI infrastructure is a list of revoked cert…

Where in a PKI infrastructure is a list of revoked certificates stored?

PrepAway - Latest Free Exam Questions & Answers

A.
CRL

B.
Registration Authority

C.
Recovery Agent

D.
Key escrow

Explanation:
In a Public Key Infrastructure (PKI), the revocation of a certificate is dealt with by the certificate authority (CA).
The revoked certificate information is stored on a certificate revocation list (CRL).
Incorrect Answers:
B: The registration authority (RA) executes the certification registration tasks. It does not, however, store a list
of revoked certificates.
C: Key recovery agent is one of the intended purposes of digital certificates. It does not, however, store a list of
revoked certificates.
D: Key escrow is a process or entity that can recover lost or corrupted cryptographic keys. It does not, however,
store a list of revoked certificates.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 833-836, 843
Miller, David R, Microsoft CISSP Training Kit, O’Reilly Media, 2013, California, p. 217


Leave a Reply