PrepAway - Latest Free Exam Questions & Answers

Which of the following is the FIRST step the security administrator should take?

A company’s security administrator wants to manage PKI for internal systems to help reduce costs. Which
of the following is the FIRST step the security administrator should take?

A. Install a registration server.

B. Generate shared public and private keys.

C. Install a CA.

D. Establish a key escrow policy.

Explanation:
PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration
authority (RA), RSA (the encryption algorithm), and digital certificates. When you implement a PKI you
should start by installing a CA.

Incorrect Answers:
A: When you implement a PKI you are not required to install a registration server. You can rely on a public
registration authority server.
B: To generate shared public and private keys you would need a CA.
D: A key escrow policy is not required for a PKI.
Key escrow addresses the possibility that a third party may need to access keys. Under the conditions of
key escrow, the keys needed to encrypt/decrypt data are held in an escrow account (think of the term as
it relates to home mortgages) and made available if that third party requests them. The third party in
question is generally the government, but it could also be an employer if an employee’s private messages
have been called into question.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 262, 278-290

