I. Examine and describe how public-key infrastructure (PKI) is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.
II. Apply information in the text regarding digital certificates as public-key container files that allow PKI system components and end users to validate a public key and identify its owner.
III. List the ways how PKI can protect information assets. They use the following techniques:
• Authentication
• Integrity
• Privacy
• Authorization
• Nonrepudiation
IV. Outline components that a typical PKI solution uses to protect transmission and reception of secure information:
• Certificate authority (CA)
• Registration authority (RA)
• Certificate directories
• Management protocols
• Policies and procedures
V. Apply the common implementations of a PKI:
• Issuance of digital certificates to servers and users.
•Directory enrollment.
• Key issuing systems.
• Provide tools to secure information.
• Provide verification and return of certificates.
VI. Stress that certificate authorities (CAs) often perform many housekeeping activities regarding the use of keys and certificates that are used within its zone of authority.
VII. Justify that periodically, certificate revocation lists (CRLs) are sent out to users at the discretion of the information security team.