What type of key would you find within a browser’s list of trusted root CAs?

A.
Private key

B.
Symmetric key

C.
Recovery key

D.
Public key

Explanation:
In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic
document used to prove ownership of a public key. The certificate includes information about the key,
information about its owner’s identity, and the digital signature of an entity that has verified the certificate’s
contents are correct. If the signature is valid, and the person examining the certificate trusts the signer, then
they know they can use that key to communicate with its owner.
In a typical public-key infrastructure (PKI) scheme, the signer is a certificate authority (CA), usually a company
which charges customers to issue certificates for them.
If you trust the Root CA, you’ll trust all certificates issued by the CA. All web browsers come with an extensive
built-in list of trusted root certificates, many of which are controlled by organizations that may be unfamiliar to
the user. The built-in list of trusted root certificates is a collection of Public Key certificates from the CAs.
Incorrect Answers:
A: The private key is always retained by the owner (in this case, a CA); it is never distributed.
B: You would not find a symmetric key within a browser’s list of trusted root CAs.
C: You would not find a recovery key within a browser’s list of trusted root CAs.

https://en.wikipedia.org/wiki/Public_key_certificate