Which of the following allows lower level domains to access resources in a separate Public Key
Infrastructure?

A.
Trust Model

B.
Recovery Agent

C.
Public Key

D.
Private Key

Explanation:
In a bridge trust model allows lower level domains to access resources in a separate PKI through the root
CA.
A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital
Certificate.In a bridge trust model, a peer-to-peer relationship exists among the root CAs. The root CAs can
communicate with one another, allowing cross certification. This arrangement allows a certification
process to be established between organizations or departments.
Each intermediate CA trusts only the CAs above and below it, but the CA structure can be expanded
without creating additional layers of CAs.
Incorrect Answers:
B: A recovery agent cannot be used to bridge trust between PKIs.
A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext
messages as needed. As opposed to escrow, recovery agents are typically used to access information that
is encrypted with older keys.
C: A public key is available to everyone. A public key cannot be used to bridge trust between PKIs.
D: A private key is a secret key. It cannot be used to bridge trust between PKIs.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 262, 279-285, 285-289