PKI/LRA Exam Questions and Answers with Verified Solutions |
Latest 2026 Update
Q: the architecture, organization, techniques, practices, and procedures that
collectively support the implementation and operation of a certificate-based
public key cryptographic system. It is a framework established to issue,
maintain, and revoke public key certificates.
Answer:
PKI
Q: overall policy, rules, and procedures pertaining to the applicability of a
certificate to a community and/or class of application with common security
requirements
Answer:
Certificate Policy (CP)
Q: defines the implementation of the rules set by the X.509 CP
Answer:
Certificate Practice Statement (CPS)
Q: a PKI for SECRET-high collateral, classified networks
Answer:
National Security System (NSS) PKI
Q: statement of practices the LRA employs when performing LRA duties on the
NSS PKI(in compliance with No. 1300)
Answer:
Registration Practice Statement (RPS)
Q: an entity (server) authorized to create, sign, and issue public key certificates
Answer:
Certification Authority (CA)
Q: 6 years total. issues certs for 3 years then acts as standby till retired
Answer:
CA life time first cert in the chain - Root CA
, Q: a mathematical algorithm (protected by the holder) used to create digital
signatures and, depending upon the algorithm, to decrypt messages.
Answer:
Private Key
Q: a mathematical algorithm that has "public availability" and that applications
use to verify signatures created with its corresponding private key. Depending
on the algorithm, public keys can encrypt messages.
Answer:
Public Key
Q: used to sign documents, used to decrypt messages, used for client
authentication
Answer:
Private key bullets
Q: used to encrypt e-mail messages to other people, used to verify signatures
Answer:
Public key bullets
converts a string of data into a small value(like a checksum). The value can be
compared to a rehash of the original string to determine if any changes occur.
Digital Signatures use SHA -
Secure Hash Algorithm (SHA)
Q: mathematical science associated with confidentiality, integrity, authentication,
and non-repudiation. Has 3 classifications (Sym, Asym, and hybrid)
Answer:
Key Cryptography
Q: the same key is used for encryption and decryption. The same key is also used
by all parties to a communications exchange.
Answer:
Symmetric Key System(conventional)
Q: DES/DES3, BLOWFISH, IDEA, RC4, AES
Latest 2026 Update
Q: the architecture, organization, techniques, practices, and procedures that
collectively support the implementation and operation of a certificate-based
public key cryptographic system. It is a framework established to issue,
maintain, and revoke public key certificates.
Answer:
PKI
Q: overall policy, rules, and procedures pertaining to the applicability of a
certificate to a community and/or class of application with common security
requirements
Answer:
Certificate Policy (CP)
Q: defines the implementation of the rules set by the X.509 CP
Answer:
Certificate Practice Statement (CPS)
Q: a PKI for SECRET-high collateral, classified networks
Answer:
National Security System (NSS) PKI
Q: statement of practices the LRA employs when performing LRA duties on the
NSS PKI(in compliance with No. 1300)
Answer:
Registration Practice Statement (RPS)
Q: an entity (server) authorized to create, sign, and issue public key certificates
Answer:
Certification Authority (CA)
Q: 6 years total. issues certs for 3 years then acts as standby till retired
Answer:
CA life time first cert in the chain - Root CA
, Q: a mathematical algorithm (protected by the holder) used to create digital
signatures and, depending upon the algorithm, to decrypt messages.
Answer:
Private Key
Q: a mathematical algorithm that has "public availability" and that applications
use to verify signatures created with its corresponding private key. Depending
on the algorithm, public keys can encrypt messages.
Answer:
Public Key
Q: used to sign documents, used to decrypt messages, used for client
authentication
Answer:
Private key bullets
Q: used to encrypt e-mail messages to other people, used to verify signatures
Answer:
Public key bullets
converts a string of data into a small value(like a checksum). The value can be
compared to a rehash of the original string to determine if any changes occur.
Digital Signatures use SHA -
Secure Hash Algorithm (SHA)
Q: mathematical science associated with confidentiality, integrity, authentication,
and non-repudiation. Has 3 classifications (Sym, Asym, and hybrid)
Answer:
Key Cryptography
Q: the same key is used for encryption and decryption. The same key is also used
by all parties to a communications exchange.
Answer:
Symmetric Key System(conventional)
Q: DES/DES3, BLOWFISH, IDEA, RC4, AES