nerdexam
CompTIA

SY0-301 · Question #787

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity's of Joe's certificate? (Select TWO).

The correct answer is A. The CA's public key E. Joe's public key. Verifying a digital certificate involves the Public Key Infrastructure (PKI) chain of trust. A Certificate Authority (CA) issues Joe's certificate by digitally signing it with the CA's private key. To verify that the certificate is authentic and was issued by a trusted CA, Ann us

General security concepts

Question

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity's of Joe's certificate? (Select TWO).

Options

  • AThe CA's public key
  • BJoe's private key
  • CAnn's public key
  • DThe CA's private key
  • EJoe's public key
  • FAnn's private key

How the community answered

(51 responses)
  • A
    78% (40)
  • B
    2% (1)
  • C
    2% (1)
  • D
    10% (5)
  • F
    8% (4)

Explanation

Verifying a digital certificate involves the Public Key Infrastructure (PKI) chain of trust. A Certificate Authority (CA) issues Joe's certificate by digitally signing it with the CA's private key. To verify that the certificate is authentic and was issued by a trusted CA, Ann uses the CA's public key (A) to validate the CA's signature on the certificate. Once the certificate is verified as legitimate, Ann extracts and uses Joe's public key (E), which is embedded in the certificate, to verify Joe's digital signature on the email. The CA's private key (D) is never shared, Ann's keys are irrelevant to verifying Joe's certificate, and Joe's private key is never disclosed.

Topics

#PKI#certificate validation#CA trust chain#public key infrastructure

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice