Exam 200-301 topic 1 question 675 discussion

B) CRL (Certificate Revocation List) is a list of digital certificates that have been revoked by the issuing CA before their expiration date. D) CA (Certificate Authority) is a trusted entity that grants digital certificates to organizations or individuals, which can be used to establish secure connections and exchange data securely Both are the integral parts of Public Key Infrastructure (PKI)

A) A PSK has nothing to do with PKIs B) A CRL informs devices when a certificate is revoked/withdrawn C) RSA token has nothing to do with PKIs D) A certificate authority is center of the flow of trust E) I have no idea what they're meaning here but maybe this is just another PSK reference B and D are clear answers. More reading here: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe-3s/sec-pki-xe-3s-book/sec-cfg-auth-rev-cert.html

B & D are correct C is incorrect, RSA tokens are used for two-factor authentication and generating one-time passwords, but they are not a fundamental component of a PKI.

I will go with C & D An RSA key pair (a public and a private key) is required before you can obtain a certificate for your router; that is, the end host must generate a pair of RSA keys and exchange the public key with the certification authority (CA) to obtain a certificate and enroll in a PKI. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe-16/sec-pki-xe-16-book/sec-deploy-rsa-pki.html

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe-16/sec-pki-xe-16-book/sec-deploy-rsa-pki.html

Should be B and D