exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam

Exam SY0-701 topic 1 question 401 discussion

Actual exam question from CompTIA's SY0-701
Question #: 401
Topic #: 1
[All SY0-701 Questions]

The private key for a website was stolen, and a new certificate has been issued. Which of the following needs to be updated next?

  • A. SCEP
  • B. CRL
  • C. OCSP
  • D. CSR
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
4617f0b
Highly Voted 3 months, 3 weeks ago
Selected Answer: B
When a private key for a website is stolen, the certificate associated with that key is considered compromised. The next important step is to update the Certificate Revocation List (CRL) to include the old certificate so that clients and browsers know that it should no longer be trusted.
upvoted 7 times
...
9149f41
Most Recent 2 months ago
Selected Answer: B
A. SCEP (Simple Certificate Enrollment Protocol)-for enrolling only C. OCSP (Online Certificate Status Protocol): check status online D. CSR (Certificate Signing Request): Request new certificate.
upvoted 1 times
...
Anyio
2 months ago
Selected Answer: B
The correct answer is: B. CRL Explanation: When a private key is stolen, the associated certificate must be revoked to ensure it is no longer trusted. Updating the Certificate Revocation List (CRL) is necessary to inform systems that the certificate is invalid and should not be trusted. Other Options: A. SCEP (Simple Certificate Enrollment Protocol): Used for certificate enrollment but is not related to revoking or updating certificates. C. OCSP (Online Certificate Status Protocol): This protocol is used to check the revocation status of a certificate in real time, but the CRL must be updated first for OCSP to reflect the change. D. CSR (Certificate Signing Request): This is used to request a new certificate but does not handle revocation or updates related to the stolen private key.
upvoted 2 times
...
ProudFather
3 months, 2 weeks ago
Selected Answer: B
A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked. When a private key is compromised, the corresponding certificate should be revoked to prevent its further use. By updating the CRL, the system can validate the authenticity of certificates and prevent unauthorized access.
upvoted 1 times
...
Cocopqr
3 months, 3 weeks ago
Selected Answer: D
D. CSR (Certificate Signing Request). Explanation: When a private key is compromised, the entire certificate needs to be reissued. This involves the following steps: Generate a new CSR: A new Certificate Signing Request (CSR) is generated, which includes the public key associated with the new private key. Submit the CSR to the CA: The new CSR is submitted to the Certificate Authority (CA) for verification and signing. Issue a new certificate: The CA issues a new digital certificate that is bound to the new public key. Once the new certificate is issued, it needs to be installed on the web server. The other options (SCEP, CRL, and OCSP) are related to certificate management and revocation, but they are not directly affected by the compromise of the private key and the issuance of a new certificate.
upvoted 1 times
...
s_plus
4 months, 1 week ago
Simple Certificate Enrollment Protocol *Certificate Revocation List Offensive Security Certified Professional Certificate Signing Request
upvoted 1 times
iliecomptia
3 months, 3 weeks ago
OCSP does not mean Offensive Security Certified Professional; It means Online Certificate Status Protocol
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago