350-701 · Question #285
What is the purpose of CA in a PKI?
The correct answer is C. to issue and revoke digital certificates.. The primary purpose of a Certificate Authority (CA) in a Public Key Infrastructure (PKI) is to manage the lifecycle of digital certificates, including their issuance and revocation.
Question
What is the purpose of CA in a PKI?
Exhibit
Options
- Ato create the private key for a digital certificate.
- Bto validate the authenticity of a digital certificate
- Cto issue and revoke digital certificates.
- Dto certify the ownership of a public key by the named subject
How the community answered
(70 responses)- A1% (1)
- B6% (4)
- C90% (63)
- D3% (2)
Why each option
The primary purpose of a Certificate Authority (CA) in a Public Key Infrastructure (PKI) is to manage the lifecycle of digital certificates, including their issuance and revocation.
Private keys are typically generated by the subject or device requesting the certificate, not by the CA.
The validation of a digital certificate's authenticity is performed by relying parties (users, systems) who trust the CA, not directly by the CA itself post-issuance.
A Certificate Authority (CA) acts as a trusted third party, responsible for issuing digital certificates to verify the identity of entities and for revoking those certificates if they become compromised or no longer valid.
Certifying the ownership of a public key by the named subject is a function performed during certificate issuance, but the CA's role encompasses the broader management of certificates, including revocation.
Concept tested: Certificate Authority (CA) role in PKI
Source: https://learn.microsoft.com/en-us/windows-server/identity/ad-cs/adcs-overview
Topics
Community Discussion
No community discussion yet for this question.
