Which of the following types of trust models is used by a PKI?
B. Open source
Correct Answer: D
PKI uses a centralized trust model. In a simple PKI a single centralized certification authority (CA). In a hierarchical trust model the root CA is the center of the model, with subordinate
CAs lower in the hierarchy.
Note: A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate.
A: Some of the trust in a PKI trust model are transitive, but the trust model itself is centralized not transitive.
B: Open Source refers to software and is not a concept that is within a PKI.
Open source software is software whose source code is available for modification or enhancement by anyone.
C: PKI is not use a decentralized trust model.
Web of trust, an alternative to PKI, use a decentralized trust model.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 285-289