156-215.80 · Question #511
Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.
The correct answer is D. Stored on the Certificate Revocation List.. When a certificate is revoked, its serial number and revocation reason are published to the Certificate Revocation List (CRL), the standard PKI mechanism for communicating revocation status to relying parties.
Question
Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.
Options
- ASent to the Internal Certificate Authority.
- BSent to the Security Administrator.
- CStored on the Security Management Server.
- DStored on the Certificate Revocation List.
How the community answered
(34 responses)- A6% (2)
- B3% (1)
- C3% (1)
- D88% (30)
Why each option
When a certificate is revoked, its serial number and revocation reason are published to the Certificate Revocation List (CRL), the standard PKI mechanism for communicating revocation status to relying parties.
The Internal Certificate Authority (ICA) is responsible for issuing and signing certificates, not for receiving or recording revocation events - the CRL serves that function.
The Security Administrator may receive log alerts about a revocation, but revocation data is formally recorded in a structured CRL, not transmitted to an individual person.
While the Security Management Server initiates the revocation process, the revocation record is published to the CRL for distribution and validation, not merely retained internally on the management server.
The Certificate Revocation List (CRL) is the standardized PKI structure where revoked certificate serial numbers and revocation reasons are recorded and published, allowing gateways and clients to verify a certificate's revocation status before trusting it. The Security Management Server updates this list when a revocation is performed, making the status accessible network-wide.
Concept tested: PKI certificate revocation list (CRL) management
Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SMAG/Certificate-Management.htm
Topics
Community Discussion
No community discussion yet for this question.