An analyst was tasked with providing recommendations of technologies that are PKI X.509 compliant for a variety of secure functions. Which of the following technologies meet the compatibility requirement? (Choose three.)
according to this, solution should be fine: AES, PKCS, SSL/TLS
"Applications MUST support the encrypted PEM files in the form based on [RFC1423] which is commonly used by historical versions of OpenSSL, with at least the DES-EDE3-CBC, AES-128-CBC and AES-256-CBC modes.
For PKCS#12 [RFC7292] and PKCS#8 [RFC5208] formats, applications MUST support reading objects stored with the following encryption methods:
PBES1 pbeWithMD5AndDES-CBC [RFC2898]
PBES1 pbeWithSHA1And3-KeyTripleDES-CBC [RFC7292]
PBES2 AES-128-CBC (OID: 2.16.840.1.101.3.4.1.2) [RFC2898]
PBES2 AES-256-CBC (OID: 2.16.840.1.101.3.4.1.42) [RFC2898]"
http://david.woodhou.se/draft-woodhouse-cert-best-practice.html
DEF is the correct answer. AES is a symmetric cypher and has nothing to do with X.509 which defines the format of public key certificates, so that is not a correct option.
This section is not available anymore. Please use the main Exam Page.CS0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Jeend
2 years, 4 months agorodya2020
4 years, 7 months agoB1GHead
4 years, 1 month agomaxdamage
4 years, 7 months agoslcc99
5 years, 1 month ago