Which artifact is used to track revoked certificates by a CA?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $24.99Unlock all

Study for the SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) Test. Prepare with comprehensive materials, flashcards, and multiple choice questions with hints and explanations. Ace your exam with confidence!

Multiple Choice

Which artifact is used to track revoked certificates by a CA?

When checking if a certificate is still trusted, the CA publishes a Certificate Revocation List. This artifact explicitly records certificates that have been revoked before their scheduled expiration, listing each certificate by its serial number along with the revocation date. Clients fetch and consult the CRL (often via a CRL Distribution Point embedded in the certificate) to determine whether the presented certificate appears on the revoked list. The CRL is periodically updated by the CA and signed to ensure trust.

The other options don’t fit standard PKI practice. An Archive List is not a recognized mechanism for revocation—archiving issued certificates is a separate concern. A Validation List and a Renewal List aren’t standard artifacts used to track revocations in PKI.

Which artifact is used to track revoked certificates by a CA?

Study for the SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) Test. Prepare with comprehensive materials, flashcards, and multiple choice questions with hints and explanations. Ace your exam with confidence!

Which artifact is used to track revoked certificates by a CA?

Get the latest from Examzify