- Home
- Networking
- CCNA Security
76.
Which are examples of asymmetric encryption algorithms? (Choose two.)
- A.AES
- B.CIA
- C.DH
- D.RSA
- Answer & Explanation
- Report
Answer : [C, D]
Explanation :
Explanation :
| Diffie - Hellman (DH) and RSA are two examples of asymmetric encryption. |
77.
What are some uses for digital certificates? (Choose two.)
- A.Provide a degree
- B.Verify identity
- C.User authentication
- D.Generate images
- Answer & Explanation
- Report
Answer : [B, C]
Explanation :
Explanation :
| The three main uses for digital certifi cates are identity, secure communications, and user authentication. |
78.
What protocol allows for the automatic enrollment of a digital certificate request?
- A.Simple Certificate Enrollment Protocol
- B.Simple Request Enrollment Protocol
- C.Safe Certificate Enrollment Protocol
- D.Same Certificate Enroll Plan
- Answer & Explanation
- Report
Answer : [A]
Explanation :
Explanation :
| Cisco devices use Simple Certificate Enrollment Protocol (SCEP) to request a certificate automatically. |
79.
What is the most widely used standard for digital certificates?
- A.X.500
- B.PKCS
- C.X.509
- D.SCEP
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| X.509 is the most widely used standard. It originated in the X.500 class but is not considered part of the class anymore. |
80.
If the private key on the Root CA is compromised, what devices have to have their
certificate replaced? (Choose all that apply.)
- A.Root CA server
- B.PC with user certificate
- C.Cross - Certify CA
- D.Intermediate CA
- E.CRL server
- Answer & Explanation
- Report
Answer : [A, B, D, E]
Explanation :
Explanation :
| Any device in the actual PKI will have to obtain a new certificate from a new Root CA server certificate. The Root CA will either have to generate a new private key or be rebuilt, depending on how it was compromised. The Cross - Certify CA is not part of the same PKI. |
|
|
||||||||||||||||||||||||||||
