WGU D334 – Cryptography
Comprehensive Resource To Help You
Ace 2026-2027 Includes Frequently
Tested Questions With ELABORATED
100% Correct COMPLETE SOLUTIONS
Guaranteed Pass First Attempt!!
Current Update!!
1. Which encoding scheme for X.509 certificates supports Base64 and ASCII text
formats?
a) DER
b) CSR
c) IKE
d) PEM - ANSWER PEM
- Two major encoding schemes for X.509 certificates: PEM (Base64, ASCII text)
format, and DER (binary) format.
2. A ___ validates the unique identifying information and public key information
submitted by a requester and creates a digital certificate which essentially binds
the requester's identity and public key to the certificate.
a) CSR
b) RA
c) CA
d) CRL - ANSWER CA
,- When a requester sends a CSR to a CA in a secure, verifiable way, upon receipt,
the CA will: verify the requester is who they say they are and that they actually
sent the message, verify the public key is the requester's key and is the match to
the requester's private key, and verify the identity information provided in the CSR
is correct before creating the digital certificate for the requester
3. The timeframe a digital certificate is considered to be valid and can be trusted,
is known as the _____.
a) CRL
b) CSR
c) cancelation stage
d) period of validity - ANSWER period of validity
- Certificates receive a period of validity designation (timeframe the cert is valid
and should be trusted) at creation via a start and end date or expiration date. A
certificate authority will assign an issue date and an expiration date for each
digital certificate it creates and issues. Once the certificate expires it should no
longer be trusted. If the certificate encounters an issue warranting it not to be
trusted prior to the expiration, it will be revoked.
4. Which mechanisms from the list below can be checked to verify the validity of
a digital certificate? Select two.
a) CSR
b) OSCP
c) CRL
d) OCSP - ANSWER CRL
OCSP
-One can check the CRL (Certificate Revocation List), and/or OCSP (Online
Certificate Status Protocol) to verify whether a certificate has been revoked or not.
, 5. An entity looking to obtain a digital certificate will provide the CA with ___ and
____ as part of the initial request.
a) a CSR; their public key
b) a CSR; their private key
c) their public key; their private key - ANSWER a CSR; their public key
-Someone looking to obtain a digital certificate will first generate an asymmetric
key pair and then generate a certificate signing request (CSR). The person will
provide the CA with the public key from the generated key pair along with the CSR
to formally request a digital certificate.
6. Certificate expiration occurs during which stage of certificate management?
a) Initialization
b) Issued
c) Cancellation
d) Hold - ANSWER Cancellation
-Certificate management stages include:
Initialization Stage (certificate registration, certificate creation/distribution,
certificate dissemination)
Issued Stage (certificate retrieval, certificate validation)
Cancellation Stage (certificate expiration, certificate revocation)
7. What action does a CA take prior to publishing a CRL to ensure the list can be
validated as authentic by those checking it for certificate statuses?
a) CA duplicates the list
b) CA signs the list with the CA's own public key
Comprehensive Resource To Help You
Ace 2026-2027 Includes Frequently
Tested Questions With ELABORATED
100% Correct COMPLETE SOLUTIONS
Guaranteed Pass First Attempt!!
Current Update!!
1. Which encoding scheme for X.509 certificates supports Base64 and ASCII text
formats?
a) DER
b) CSR
c) IKE
d) PEM - ANSWER PEM
- Two major encoding schemes for X.509 certificates: PEM (Base64, ASCII text)
format, and DER (binary) format.
2. A ___ validates the unique identifying information and public key information
submitted by a requester and creates a digital certificate which essentially binds
the requester's identity and public key to the certificate.
a) CSR
b) RA
c) CA
d) CRL - ANSWER CA
,- When a requester sends a CSR to a CA in a secure, verifiable way, upon receipt,
the CA will: verify the requester is who they say they are and that they actually
sent the message, verify the public key is the requester's key and is the match to
the requester's private key, and verify the identity information provided in the CSR
is correct before creating the digital certificate for the requester
3. The timeframe a digital certificate is considered to be valid and can be trusted,
is known as the _____.
a) CRL
b) CSR
c) cancelation stage
d) period of validity - ANSWER period of validity
- Certificates receive a period of validity designation (timeframe the cert is valid
and should be trusted) at creation via a start and end date or expiration date. A
certificate authority will assign an issue date and an expiration date for each
digital certificate it creates and issues. Once the certificate expires it should no
longer be trusted. If the certificate encounters an issue warranting it not to be
trusted prior to the expiration, it will be revoked.
4. Which mechanisms from the list below can be checked to verify the validity of
a digital certificate? Select two.
a) CSR
b) OSCP
c) CRL
d) OCSP - ANSWER CRL
OCSP
-One can check the CRL (Certificate Revocation List), and/or OCSP (Online
Certificate Status Protocol) to verify whether a certificate has been revoked or not.
, 5. An entity looking to obtain a digital certificate will provide the CA with ___ and
____ as part of the initial request.
a) a CSR; their public key
b) a CSR; their private key
c) their public key; their private key - ANSWER a CSR; their public key
-Someone looking to obtain a digital certificate will first generate an asymmetric
key pair and then generate a certificate signing request (CSR). The person will
provide the CA with the public key from the generated key pair along with the CSR
to formally request a digital certificate.
6. Certificate expiration occurs during which stage of certificate management?
a) Initialization
b) Issued
c) Cancellation
d) Hold - ANSWER Cancellation
-Certificate management stages include:
Initialization Stage (certificate registration, certificate creation/distribution,
certificate dissemination)
Issued Stage (certificate retrieval, certificate validation)
Cancellation Stage (certificate expiration, certificate revocation)
7. What action does a CA take prior to publishing a CRL to ensure the list can be
validated as authentic by those checking it for certificate statuses?
a) CA duplicates the list
b) CA signs the list with the CA's own public key
