312-50V9 Question #156: Real Exam Question with Answer & Explanation

The correct answer is B: Cross certification. Cross-certification is the process by which two separate Certificate Authorities (CAs) issue certificates to each other, establishing a mutual trust relationship between their PKI hierarchies. After cross-certification, users in Company A's PKI can validate certificates issued by

Question

Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Company A and Company B trust one another and each private PKI can validate digital certificates from the other company?

Options

APoly key exchange
BCross certification
CPoly key reference
DCross-site exchange

Explanation

Cross-certification is the process by which two separate Certificate Authorities (CAs) issue certificates to each other, establishing a mutual trust relationship between their PKI hierarchies. After cross-certification, users in Company A's PKI can validate certificates issued by Company B's CA, and vice versa, without requiring a common root CA. This is a standard solution when two organizations with independent PKIs need to interoperate - such as after a corporate merger. Options A ('Poly key exchange') and C ('Poly key reference') are not real PKI concepts. Option D ('Cross-site exchange') is a fabricated term and should not be confused with cross-site scripting (XSS), which is an unrelated web security vulnerability.

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice