CISSP Question of the Day – 6-7-2016

Getting You Prepped for the CISSP Exam ...One Question at a Time!

Today’s CISSP question topic: PKI, Public Key Infrastructures

In a Public Key Infrastructure (PKI), a certificate revocation list (CRL) is a digitally signed list of certificate serial numbers of certificates that have been revoked by the issuing Certificate Authority (CA). There are several different methods by which the revocation status of a certificate can be checked. Which of the following are revocation check methods? (Choose three)

  1. DNS TXT Record Query
  2. HTTP-based CRL distribution point
  3. SMTP
  4. An incremental CRL (aka Delta-CRL) issued by the CA
  5. OCSP
  6. SNMPv3 Query
  7. Syslog



Check Your Answer


  1. HTTP-based CRL distribution point
  2. An incremental CRL (aka Delta-CRL) issued by the CA
  3. OCSP

Supporting Links:

  1. https://en.wikipedia.org/wiki/Revocation_list
  2. https://technet.microsoft.com/en-us/library/ee619754(v=ws.10).aspx


Co-workers, friends or colleagues studying for the CISSP exam, too? Share this question with them! Click an icon below to share to your preferred social media platform!
Posted in:
About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.