CompTIA Security Plus Mock Test Q1458

A security administrator finds that an intermediate CA within the company was recently breached. The certificates held on this system were lost during the attack, and it is suspected that the attackers had full access to the system. Which of the following is the NEXT action to take in this scenario?

A. Use a recovery agent to restore the certificates used by the intermediate CA
B. Revoke the certificate for the intermediate CA
C. Recover the lost keys from the intermediate CA key escrow
D. Issue a new certificate for the root CA

Correct Answer: B
Section: Mixed Questions