Question

A security engineer deploys a certificate from a commercial CA to the RADIUS server for use with the EAP-TLS wireless network. Authentication is failing, so the engineer examines the certificate's properties:

Issuer: (A commercial CA)
Valid from: (yesterday’s date)
Valid to: (one year from yesterday’s date)
Subject: CN=smithco.com
Public key: RSA (2040 bits)
Enhanced key usage: Client authentication (1.3.6.1.5.7.3.2)
Key usage: Digital signature, key encipherment (a0)
Which of the following is the MOST likely cause of the failure?
A. The certificate is missing the proper OID.
B. The certificate is missing wireless authentication in key usage.
C. The certificate is self-signed.
D. The certificate has expired.

Answer 1

The MOST likely cause of the failure is:

A. The certificate is missing the proper OID.

Step-by-step explanation:

OID (Object Identifier) is a globally unique group of characters, alphanumeric or numeric identifier, registered under the ISO registration standard to reference a specific object or object class (an entity). In computing, OID allows a server or end-user to retrieve an object without identifying the specific physical data location. Since OID is system-generated, it is immutable and can only be assigned to one object. It cannot be shared. Its presence in the certificate would have enabled the security engineer to authenticate the certificate.