CompTIA Security Plus Mock Test Q1105

The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?

A. The file containing the recovery agent’s keys.
B. The file containing the public key.
C. The file containing the private key.
D. The file containing the server’s encrypted passwords.

Correct Answer: B
Section: Cryptography

The public key can be made available to everyone. There is no need to reissue the certificate.

Incorrect Answers:
A: The recovery agent has no key.
C: The private key must be secret. If the private key is made available to a third party, then the key must be revoked.
D: Encrypted passwords would not be a security risk. It would be hard to decrypt them.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 279-285