A company’s security administrator wants to manage PKI for internal systems to help reduce
costs. Which of the following is the FIRST step the security administrator should take?

A.
Install a registration server.

B.
Generate shared public and private keys.

C.
Install a CA

D.
Establish a key escrow policy.

Explanation:
PKI is a two-key, asymmetric system with four main components: certificate authority (CA),
registration authority (RA), RSA (the encryption algorithm), and digital certificates. When you
implement a PKI you should start by installing a CA.