CompTIA Security Plus Mock Test Q1119

Which of the following types of trust models is used by a PKI?

A. Transitive
B. Open source
C. Decentralized
D. Centralized

Correct Answer: D
Section: Cryptography

Explanation:
PKI uses a centralized trust model. In a simple PKI a single centralized certification authority (CA). In a hierarchical trust model the root CA is the center of the model, with subordinate
CAs lower in the hierarchy.
Note: A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate.

Incorrect Answers:
A: Some of the trust in a PKI trust model are transitive, but the trust model itself is centralized not transitive.
B: Open Source refers to software and is not a concept that is within a PKI.
Open source software is software whose source code is available for modification or enhancement by anyone.
C: PKI is not use a decentralized trust model.
Web of trust, an alternative to PKI, use a decentralized trust model.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 285-289