CompTIA Security Plus Mock Test Q1114

Which of the following allows an organization to store a sensitive PKI component with a trusted third party?

A. Trust model
B. Public Key Infrastructure
C. Private key
D. Key escrow


Correct Answer: D
Section: Cryptography

Explanation:
Sensitive PKI data, such as private keys, can be placed in key escrow, and the escrowed data can be held by a trusted third party.
Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third parties may include businesses, who may want access to employees’ private communications, or governments, who may wish to be able to view the contents of encrypted communications.

Incorrect Answers:
A: A trust model is a collection of rules that informs applications how to decide the legitimacy of a digital certificate. A trust model cannot store sensitive information.
B: A PKI cannot store sensitive information.
The Public-Key Infrastructure (PKI) is intended to offer a means of providing security to messages and transactions on a grand scale. The need for universal systems to support e-commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI.
C: A private key is a secret key. It is not used to store sensitive information through a third party.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 262, 279-285, 285-289