The PKI element that manages the certificate life cycle,
including certificate directory maintenance and certificate
revocation list (CRL) maintenance and publication, is the:

A. certificate authority.

B. digital certificate.

C. certification practice statement.

D. registration authority.


Answer / me

Answer: A

The certificate authority manages the certificate life
cycle, including certificate directory maintenance and CRL
maintenance and publication. The CA attests, as a trusted
provider of the public/private key pairs, to the
authenticity of the owner to whom a public/private key pair
has been given. The digital certificate is composed of a
public key and identifying information about the owner of
the public key. It associates a public key with an
individual's identity. Certificates are e-documents,
digitally signed by a trusted entity and containing
information on individuals. The process entails the sender,
who is digitally signing a document with the digital
certificate attached issued by a trusted entity where the
receiver relies on the public key that is included in the
digital certificate, to authenticate the message. The
certification practice statement is the governance process
for CA operations. A CPS documents the high-level
practices, procedures and controls of a CA. The
registration authority attests, as a trusted provider of
the public/private key pairs, to the authenticity of the
owner to whom a public/private key pair has been provided.
In other words, the registration authority performs the
process of identification and authentication by
establishing a link between the identity of the requesting
person or organization and the public key. As a brief note,
a CA manages and issues certificates, whereas an RA is
responsible for identifying and authenticating subscribers,
but does not sign or issue certificates. Definitions can be
found in a glossary posted at:
http://sig.nfc.usda.gov/pki/glossary/glossary.html and
http://www.cio-dpi.gc.ca/pki-icp/beginners/glossary/glossary_e.asp?format=print
and in "Auditing and Certification of a Public Key
Infrastructure," by Ronald Koorn, Peter Walsen, Mark Lund,
Information Systems Control Journal, vol. 5, 2002, pp. 28-29.

Is This Answer Correct ?    16 Yes 3 No

Answer / guest

Answer: D

The registration authority manages the certificate life
cycle, including certificate directory maintenance and
certificate revocation list (CRL) maintenance and
publication. The certificate authority attests, as a trusted
provider of the public/private key pairs, to the
authenticity of the owner to whom a public/private key pair
has been given. The digital certificate is composed of a
public key together with identifying information about the
owner of the public key. It associates a public key with an
individual's identity. Certificates are e-documents
digitally signed by a trusted entity containing information
on individuals. The process entails the sender digitally
signing a document with the digital certificate attached
issued by a trusted entity where the receiver relies on the
public key that is included in the digital certificate to
authenticate the message. The certification practice
statement is the governance process for CA operations.

Is This Answer Correct ?    5 Yes 13 No
