1.  _____ is the process, procedures, and steps used to make sure digital certificates are up to date and stored securely.
    A.     CSR
    B.     CRL
    C.     Key management
    D.     CN

2.   _____ is a type of certificate that can be used for multiple domains (hostnames) that are owned by the same organization.
    A.     Self-signed
    B.     SAN
    C.     Code signing
    D.     Email certificate

3.  _____ are never shared.
    A.     CAs
    B.     private keys
    C.     certificates
    D.     public keys

4.  _____ is a list of revoked certificates that contains the serial number and the revocation date of the revoked certificates.
    A.     CSR
    B.     CRL
    C.     OCSP
    D.     CER

5.  _____ is used to create a trust chain from the root CA, to intermediate CAs, to the certificate issued to the end user.
    A.     Web of trust
    B.     pinning
    C.     Key escrow
    D.     Hierarchical trust model

6.  _____ issues certificates to intermediate CAs.
    A.     PGP
    B.     CRL
    C.     Root CA
    D.     OCSP

7.  _____ is used to send a query to a CA, which will respond with good, revoked, or unknown.
    A.     CRL
    B.     PEM
    C.     CSR
    D.     OCSP

8.  What X.509 certificate format is NOT used to store a private key?
    A.     PFX
    B.     P12
    C.     PEM
    D.     P7B

9.  _____ issues certificates to end devices or users.
    A.     Intermediate CA
    B.     Root CA
    C.     Object identifiers
    D.     DSA

10.  To reduce network traffic and to check to see if a certificate is good, revoked, or unknown, we may want to use _____. The certificate has a timestamped OCSP response digitally signed by the CA (Certificate Authority).
    A.     CSR
    B.     pinning
    C.     OCSP stapling
    D.     CRL