CompTIA Security Plus Mock Test Q1116

Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?

A. Trust Model
B. Recovery Agent
C. Public Key
D. Private Key


Correct Answer: A
Section: Cryptography

Explanation:
A bridge trust model allows lower-level domains to access resources in a separate PKI through the root CA.
A trust model is a collection of rules that informs applications how to decide the legitimacy of a digital certificate.
In a bridge trust model, a peer-to-peer relationship exists among the root CAs. The root CAs can communicate with one another, allowing cross certification. This arrangement allows a certification process to be established between organizations or departments.
Each intermediate CA trusts only the CAs above and below it, but the CA structure can be expanded without creating additional layers of CAs.

Incorrect Answers:
B: A recovery agent cannot be used to bridge trust between PKIs.
A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. As opposed to escrow, recovery agents are typically used to access information that is encrypted with older keys.
C: A public key is available to everyone. A public key cannot be used to bridge trust between PKIs.
D: A private key is a secret key. It cannot be used to bridge trust between PKIs.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 262, 279-285, 285-289