ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 464 discussion

Actual exam question from CompTIA's CAS-004
Question #: 464
Topic #: 1
[All CAS-004 Questions]

A senior cybersecurity engineer is solving a digital certificate issue in which the CA denied certificate issuance due to failed subject identity validation. At which of the following steps within the PKI enrollment process would the denial have occurred?

  • A. RA
  • B. OCSP
  • C. CA
  • D. IdP
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by isaphiltrick at July 6, 2024, 8:20 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
23169fd
Highly Voted 11 months, 3 weeks ago
Selected Answer: A
While the CA is responsible for issuing the certificates, it relies on the RA (if one is used) to perform the identity validation. If the RA performs its duties correctly, any failed identity validation would be handled at the RA level, and the CA would not issue the certificate.
upvoted 7 times
23169fd
11 months, 3 weeks ago
The denial due to failed subject identity validation occurs at the RA (Registration Authority) step within the PKI enrollment process. The RA is responsible for validating the identity of the certificate requestor before the CA issues the certificate
upvoted 1 times
...
...
Steel16
Most Recent 4 months ago
Selected Answer: A
o Registration Authority (RA) is the entity responsible for collecting initial information from the certificate applicant, verifying documents and performing preliminary identity checks. If the CA denies certificate issuance due to failed subject identity validation, it means the RA did not successfully validate the identity of the applicant during the initial registration process. The CA relies on the information provided by the RA to make its final decision. o CA: The Certificate Authority (CA) is responsible for issuing certificates based on the information provided by the RA. While the CA may perform some additional checks, the primary identity validation occurs at the RA stage. The CA reviews the information submitted by the RA and if the identity is not validated there, the CA will deny the certificate request.
upvoted 1 times
...
Bright07
9 months, 1 week ago
The denial of certificate issuance due to failed subject identity validation would have occurred at: C. CA (Certificate Authority). The CA is responsible for validating the identity of the subject requesting the certificate. If the validation fails, the CA will deny the issuance of the certificate. The RA (Registration Authority) may perform initial validation, but the final decision on issuing the certificate lies with the CA.
upvoted 1 times
...
armid
12 months ago
Selected Answer: A
Registration Authority (RA) The Registration Authority, or RA, is responsible for verifying the identity of entities applying for a digital certificate. This can include checking proof of identity or other credentials. The RA doesn’t issue certificates itself but serves as a trusted agent of the CA.
upvoted 2 times
...
isaphiltrick
1 year ago
Selected Answer: C
The denial of certificate issuance due to failed subject identity validation would occur at the CA within the PKI enrollment process. This step involves the CA verifying the identity information provided by the RA and ensuring it meets the criteria for certificate issuance according to the CA's policies and procedures.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel