CISSP · Question #1331
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
The correct answer is B. Initialization Phase. PKI certificate lifecycle management follows a defined sequence of phases from initial setup through eventual cancellation. The second phase in this lifecycle is the Initialization Phase.
Question
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
Options
- AImplementation Phase
- BInitialization Phase
- CCancellation Phase
- DIssued Phase
How the community answered
(59 responses)- A2% (1)
- B92% (54)
- C3% (2)
- D3% (2)
Why each option
PKI certificate lifecycle management follows a defined sequence of phases from initial setup through eventual cancellation. The second phase in this lifecycle is the Initialization Phase.
The Implementation Phase is the first phase of the PKI lifecycle, not the second, as it covers the initial setup and deployment of the PKI infrastructure itself.
The PKI key/certificate lifecycle consists of phases in this order: (1) Implementation Phase, (2) Initialization Phase, (3) Issued Phase, and (4) Cancellation Phase. The Initialization Phase is where entities are prepared to interact with the PKI, including generating key pairs, submitting certificate signing requests (CSRs), and establishing trust relationships with the Certificate Authority (CA) before certificates are formally issued.
The Cancellation Phase is the final (fourth) phase of the PKI lifecycle, dealing with certificate revocation, expiration, and end-of-life key destruction.
The Issued Phase is the third phase of the PKI lifecycle, occurring after Initialization, during which certificates are actively distributed and used for cryptographic operations.
Concept tested: PKI certificate lifecycle management phase ordering
Source: https://learn.microsoft.com/en-us/windows-server/identity/ad-cs/certification-authority-guidance
Topics
Community Discussion
No community discussion yet for this question.