Which of the following allows an organization to store a sensitive PKI component with a trusted third
party?

A.
Trust model

B.
Public Key Infrastructure

C.
Private key

D.
Key escrow

Explanation:
Sensitive PKI data, such as private keys, can be put into key escrow data. The key escrow data can be kept
at a trusted third party.
Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so
that, under certain circumstances, an authorized third party may gain access to those keys. These third
parties may include businesses, who may want access to employees’ private communications, or
governments, who may wish to be able to view the contents of encrypted communications.
Incorrect Answers:
A: A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital
Certificate. A trust model cannot store sensitive information.
B: A PKI cannot store sensitive information.
The Public-Key Infrastructure (PKI) is intended to offer a means of providing security to messages and
transactions on a grand scale. The need for universal systems to support e-commerce, secure
transactions, and information privacy is one aspect of the issues being addressed with PKI.C: A private key is a secret key. It is not used to stored sensitive information through a third party.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 262, 279-285, 285-289