When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the
certificate owner?

A.
Trust models

B.
CRL

C.
CA

D.
Recovery agent

Explanation:
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate
owner.
Incorrect Answers:
A: A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate. A trust model in itself would not help matt to
affirm the identity of the certificate owner.
B: A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key. A CRL is not used to issue certificates or affirm the identity of
owner of a certificate.
D: A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. A key recovery agent could not affirm
the identity of owner of a certificate.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 279-280, 285, 285-289