NSE 7 – LAN Edge 7.0 — Question 48

Which two statements about the use of digital certificates are true? (Choose two.)

Answer options

• A. In a chain of trust, the root CA is signed by another certificate.
• B. To validate the signature on a certificate, an endpoint does not need to know the CA of that certificate.
• C. A chain of trust may include one or more intermediate CAs.
• D. An intermediate CA can sign other certificates.

Correct answer: C, D

Explanation

The correct answers are C and D because a chain of trust can indeed consist of multiple intermediate CAs that help validate certificates. Additionally, intermediate CAs are authorized to sign other certificates, establishing further trust. Options A and B are incorrect; the root CA should not be signed by another certificate, and an endpoint must know the CA to validate the signature properly.