Cisco 350-701: Types of servers are used as distribution point for CRLs

Table of Contents

Question
Answer
Explanation
Reference

Question

For Cisco IOS PKI, which two types of servers are used as a distribution point for CRLs? (Choose two.)

A. subordinate CA
B. HTTP
C. SDP
D. LDAP
E. SCP

Answer

B. HTTP
D. LDAP

Explanation

The correct answers are B and D.

B. HTTP. This is true because Cisco IOS PKI supports HTTP as one of the protocols for distributing CRLs to PKI clients. HTTP is a widely used protocol that allows PKI servers to publish CRLs to a web server that can be accessed by PKI clients over the internet.

D. LDAP. This is true because Cisco IOS PKI supports LDAP as one of the protocols for distributing CRLs to PKI clients. LDAP is a protocol that allows PKI servers to publish CRLs to a directory server that can be queried by PKI clients using LDAP queries.

The other options are incorrect because:

A. subordinate CA. This is false because a subordinate CA is not a type of server, but a type of certificate authority that issues certificates to PKI clients under the authority of a root CA. A subordinate CA may publish CRLs using HTTP or LDAP, but it is not itself a distribution point for CRLs.
C. SDP. This is false because SDP is not a protocol for distributing CRLs, but a protocol for describing multimedia sessions, such as voice or video calls. SDP has nothing to do with Cisco IOS PKI or CRLs.
E. SCP. This is false because SCP is not a protocol for distributing CRLs, but a protocol for securely transferring files between hosts using SSH. SCP is not supported by Cisco IOS PKI or CRLs.

Reference

Implementing and Operating Cisco Security Core Technologies 350-701 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Implementing and Operating Cisco Security Core Technologies 350-701 exam and earn Implementing and Operating Cisco Security Core Technologies 350-701 certification.