FCSS – LAN Edge Administrator 7.6 — Question 9

In public key infrastructure (PKI), what is the primary role of a certificate revocation list (CRL)?

Answer options

• A. To enable certificate authorities to update certificates with new public key information.
• B. To list expired certificates and ensure they are not used for encryption.
• C. To provide information about the revocation status of certificates in real time.
• D. To maintain a list of certificates that have been revoked by the certificate authority (CA) before their expiration date.

Correct answer: D

Explanation

The correct answer is D because a certificate revocation list (CRL) specifically maintains a record of certificates that have been revoked by the certificate authority (CA) before their expiration date. Options A, B, and C are incorrect as they describe different functions not associated with the primary role of a CRL in PKI.