3.9 public key infrastructure

Question 1

DER

Answer 1

Distinguished encoding rules

DER is used in secure communications, where digitally signed messages must have the same encoding. Binary format.

Question 2

PEM

Answer 2

Privacy enhanced mail

an email security standard that ensures the safety of electronic mail communication over the internet.

Question 3

PFX

Answer 3

Personal information exchange

a password-protected file certificate that stores multiple cryptographic objects. It’s commonly used for code signing applications.

Question 4

.cer

Answer 4

internet security certificate

These files help browsers verify if a website is secure and authentic.

Question 5

P12

Answer 5

archive file format for storing cryptographic objects as a single file.

Question 6

P7B

Answer 6

authenticates a device or person

Question 7

PKI

Answer 7

public key infrastructure

Question 8

RA

Answer 8

Registration Authority

Verifies the entity requesting the certificate

Question 9

CRL

Answer 9

certificate revocation list

list of invalid certificates

Question 10

OCSP

Answer 10

Online Certificate Status Protocol

browser checks for certificate revocation

Question 11

CN

Answer 11

common name

the fully qualified domain name for the certificate

Question 12

Subject Alternative Name

Answer 12

SAN certificate

allows multiple domains or hostnames to be secured under one certificate.

Question 13

OCSP stapling

Answer 13

a process that allows browsers to check if a website’s TLS certificate has been revoked

Question 14

pinning

Answer 14

reduces risk of fraudulent certificates

Question 15

certificate chaining

Answer 15

a list of certificates that start from a server’s certificate and terminate with the root certificate.

Question 16

key escrow

Answer 16

Third party storage of private key

Question 17

CA

Answer 17

Certificate Authority

Deploy and manage certificates