nerdexam
Check_Point

156-215.80 · Question #511

Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.

The correct answer is D. Stored on the Certificate Revocation List.. When a certificate is revoked, its serial number and revocation reason are published to the Certificate Revocation List (CRL), the standard PKI mechanism for communicating revocation status to relying parties.

VPN Solutions

Question

Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.

Options

  • ASent to the Internal Certificate Authority.
  • BSent to the Security Administrator.
  • CStored on the Security Management Server.
  • DStored on the Certificate Revocation List.

How the community answered

(34 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    3% (1)
  • D
    88% (30)

Why each option

When a certificate is revoked, its serial number and revocation reason are published to the Certificate Revocation List (CRL), the standard PKI mechanism for communicating revocation status to relying parties.

ASent to the Internal Certificate Authority.

The Internal Certificate Authority (ICA) is responsible for issuing and signing certificates, not for receiving or recording revocation events - the CRL serves that function.

BSent to the Security Administrator.

The Security Administrator may receive log alerts about a revocation, but revocation data is formally recorded in a structured CRL, not transmitted to an individual person.

CStored on the Security Management Server.

While the Security Management Server initiates the revocation process, the revocation record is published to the CRL for distribution and validation, not merely retained internally on the management server.

DStored on the Certificate Revocation List.Correct

The Certificate Revocation List (CRL) is the standardized PKI structure where revoked certificate serial numbers and revocation reasons are recorded and published, allowing gateways and clients to verify a certificate's revocation status before trusting it. The Security Management Server updates this list when a revocation is performed, making the status accessible network-wide.

Concept tested: PKI certificate revocation list (CRL) management

Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SMAG/Certificate-Management.htm

Topics

#certificate revocation#CRL#PKI#internal certificate authority

Community Discussion

No community discussion yet for this question.

Full 156-215.80 Practice