SY0-301 · Question #377
A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for
The correct answer is A. Trust model. A trust model defines how certificates are validated and which certificate authorities (CAs) are trusted. The scenario describes a centralized, online-managed list of trusted and untrusted root certificates that browsers automatically import - this is the function of a certificat
Question
A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for tracking which certificates are to be trusted or not trusted. Which of the following BEST describes the service that should be implemented to meet these requirements?
Options
- ATrust model
- BKey escrow
- COCSP
- DPKI
How the community answered
(16 responses)- A81% (13)
- C6% (1)
- D13% (2)
Explanation
A trust model defines how certificates are validated and which certificate authorities (CAs) are trusted. The scenario describes a centralized, online-managed list of trusted and untrusted root certificates that browsers automatically import - this is the function of a certificate trust list (CTL), which is a component of a trust model. Key escrow is a process for storing encryption keys with a third party. OCSP (Online Certificate Status Protocol) checks the revocation status of individual certificates in real time but does not manage a browser's root certificate store. PKI is the broader framework for managing certificates but does not specifically describe the automatic browser-level trust-list update mechanism requested.
Topics
Community Discussion
No community discussion yet for this question.